Update ChangeLog files for v2.6

This adds a summary of new changes since the last update.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2016-09-25 21:08:18 +03:00
parent 7084c4d489
commit 61bcc85398
2 changed files with 41 additions and 4 deletions

View File

@ -5,7 +5,7 @@ ChangeLog for hostapd
[http://w1.fi/security/2015-7/] (CVE-2015-5314)
* fixed WPS configuration update vulnerability with malformed passphrase
[http://w1.fi/security/2016-1/] (CVE-2016-4476)
* extended channel switch support fot VHT bandwidth changes
* extended channel switch support for VHT bandwidth changes
* added support for configuring new ANQP-elements with
anqp_elem=<InfoID>:<hexdump of payload>
* fixed Suite B 192-bit AKM to use proper PMK length
@ -30,6 +30,8 @@ ChangeLog for hostapd
- minimal support for PKCS #12
- support OCSP stapling (including ocsp_multi)
* added support for OpenSSL 1.1 API changes
- drop support for OpenSSL 0.9.8
- drop support for OpenSSL 1.0.0
* EAP-PEAP: support fast-connect crypto binding
* RADIUS
- fix Called-Station-Id to not escape SSID
@ -41,18 +43,34 @@ ChangeLog for hostapd
Tunnel_password case
- update full message for interim accounting updates
- add Acct-Delay-Time into Accounting messages
- add require_message_authenticator configuration option to require
CoA/Disconnect-Request packets to be authenticated
* started to postpone WNM-Notification frame sending by 100 ms so that
the STA has some more time to configure the key before this frame is
received after the 4-way handshake
* VHT: added interoperability workaround for 80+80 and 160 MHz channels
* extended VLAN support (per-STA vif, etc.)
* fixed PMKID derivation with SAE
* nl80211: added support for full station state operations
* nl80211
- added support for full station state operations
- fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
unencrypted EAPOL frames
* added initial MBO support; number of extensions to WNM BSS Transition
Management
* added initial functionality for location related operations
* added assocresp_elements parameter to allow vendor specific elements
to be added into (Re)Association Response frames
* improved Public Action frame addressing
- use Address 3 = wildcard BSSID in GAS response if a query from an
unassociated STA used that address
- fix TX status processing for Address 3 = wildcard BSSID
- add gas_address3 configuration parameter to control Address 3
behavior
* added command line parameter -i to override interface parameter in
hostapd.conf
* added command completion support to hostapd_cli
* added passive client taxonomy determination (CONFIG_TAXONOMY=y
compile option and "SIGNATURE <addr>" control interface command)
* number of small fixes
2015-09-27 - v2.5

View File

@ -23,8 +23,20 @@ ChangeLog for wpa_supplicant
- fix PMKID derivation
- improve robustness on various exchanges
- fix peer link counting in reconnect case
- improve mesh joining behavior
- allow DTIM period to be configured
- allow HT to be disabled (disable_ht=1)
- add MESH_PEER_ADD and MESH_PEER_REMOVE commands
- add support for PMKSA caching
- add minimal support for SAE group negotiation
- allow pairwise/group cipher to be configured in the network profile
- use ieee80211w profile parameter to enable/disable PMF and derive
a separate TX IGTK if PMF is enabled instead of using MGTK
incorrectly
- fix AEK and MTK derivation
- remove GTKdata and IGTKdata from Mesh Peering Confirm/Close
- note: these changes are not fully backwards compatible for secure
(RSN) mesh network
* fixed PMKID derivation with SAE
* added support for requesting and fetching arbitrary ANQP-elements
without internal support in wpa_supplicant for the specific element
@ -69,7 +81,7 @@ ChangeLog for wpa_supplicant
* extended INTERFACE_ADD command to allow certain type (sta/ap)
interface to be created
* fixed and improved various FST operations
* added 80+80 MHz VHT support for IBSS/mesh
* added 80+80 MHz and 160 MHz VHT support for IBSS/mesh
* fixed SIGNAL_POLL in IBSS and mesh cases
* added an option to abort an ongoing scan (used to speed up connection
and can also be done with the new ABORT_SCAN command)
@ -104,7 +116,7 @@ ChangeLog for wpa_supplicant
* enabled ACS support for AP mode operations with wpa_supplicant
* EAP-PEAP: fixed interoperability issue with Windows 2012r2 server
("Invalid Compound_MAC in cryptobinding TLV")
* EAP-TTLS; fixed success after fragmented final Phase 2 message
* EAP-TTLS: fixed success after fragmented final Phase 2 message
* VHT: added interoperability workaround for 80+80 and 160 MHz channels
* WNM: workaround for broken AP operating class behavior
* added kqueue(2) support for eloop (CONFIG_ELOOP_KQUEUE)
@ -112,6 +124,8 @@ ChangeLog for wpa_supplicant
- add support for full station state operations
- do not add NL80211_ATTR_SMPS_MODE attribute if HT is disabled
- add NL80211_ATTR_PREV_BSSID with Connect command
- fix IEEE 802.1X/WEP EAP reauthentication and rekeying to use
unencrypted EAPOL frames
* added initial MBO support; number of extensions to WNM BSS Transition
Management
* added support for PBSS/PCP and P2P on 60 GHz
@ -123,6 +137,11 @@ ChangeLog for wpa_supplicant
* started to ignore pmf=1/2 parameter for non-RSN networks
* added wps_disabled=1 network profile parameter to allow AP mode to
be started without enabling WPS
* wpa_cli: added action script support for AP-ENABLED and AP-DISABLED
events
* improved Public Action frame addressing
- add gas_address3 configuration parameter to control Address 3
behavior
* number of small fixes
2015-09-27 - v2.5