Git mirror commit 19a6ceb89dbacf74697d493e48c388767126d418.
It includes an update of wpa_supplicant to version 2.7.
It includes an update of the OpenSSL baseline to version 1.1.1a.
Update #3472.
Git mirror commit 59f44d20be3f99d181ca742e636d45fc39ec982b.
This commit updates OpenSSL to version 1.1.1. This required an update
of racoon which uses some internal stuff from OpenSSL and seems to be
mostly unmaintained, e.g. there is update in the FreeBSD ports to cope
with OpenSSL 1.1.1.
Update #3472.
Remove unused files which may make trouble during FreeBSD baseline
updates. It also increased the compile-time of the library for nothing.
Update #3472.
hostapd: Avoid key reinstallation in FT handshake
Prevent reinstallation of an already in-use group key
Extend protection of GTK/IGTK reinstallation of WNM-Sleep Mode cases
Fix TK configuration to the driver in EAPOL-Key 3/4 retry case
Prevent installation of an all-zero TK
Fix PTK rekeying to generate a new ANonce
TDLS: Reject TPK-TK reconfiguration
WNM: Ignore Key Data in WNM Sleep Mode Response frame if no PMF in use
WNM: Ignore WNM-Sleep Mode Response if WNM-Sleep Mode has not been used
WNM: Ignore WNM-Sleep Mode Response without pending request
FT: Do not allow multiple Reassociation Response frames
TDLS: Ignore incoming TDLS Setup Response retries
Submitted by: jhb
Obtained from: https://w1.fi/security/2017-01/ (against later version)
Security: FreeBSD-SA-17:07
Security: CERT VU#228519
Security: CVE-2017-13077
Security: CVE-2017-13078
Security: CVE-2017-13079
Security: CVE-2017-13080
Security: CVE-2017-13081
Security: CVE-2017-13082
Security: CVE-2017-13086
Security: CVE-2017-13087
Security: CVE-2017-13088
Differential Revision: https://reviews.freebsd.org/D12693
The following files are now provided by Newlib:
* arpa/inet.h
* net/if.h
* netinet/in.h
* netinet/tcp.h
* sys/socket.h
* sys/uio.h
* sys/un.h
The <sys/param.h> and <sys/cpuset.h> are now compatible enough to be
used directly.
Update #2833.
Some of the commands have been adapted manually. So the wrapper
currently don't necessarily work as expected. For example ifconfig calls
malloc outside of the program call.
