K 10
svn:author
V 2
cy
K 8
svn:date
V 27
2019-05-01T01:42:38.835322Z
K 7
svn:log
V 1316
MFC r341759, r341796, r341839, r341989, r346591:
The following five MFCs update wpa 2.6 --> 2.8.

r341759:
MFV r341618: Update wpa 2.6 --> 2.7.

r341796:
Clean stale wpa dependencies and objects after r341759

The wpa update added some source files with the same name as a file in
another directory (found via .PATH in the previous version).  Having a
stale entry in a .depend file means the new file won't be built, so test
for this case and if found remove all of wpa's dependency files.

Sponsored by:   The FreeBSD Foundation

r341839:
Set default ciphers.

Submitted by:   jkim@

r341989:
Makefile.inc1: update stale wpa dependency removal statement

Only stale .depend files are removed; do not mention object files.

r346591:
Update wpa_supplicant/hostapd 2.7 --> 2.8

Upstream documents the following advisories:

- https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
- https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt
- https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
- https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
- https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-\
  with-unexpected-fragment.txt

Security:	CVE-2019-9494, VU#871675, CVE-2019-9495, CVE-2019-9496,
		CVE-2019-9497, CVE-2019-9498, CVE-2019-9499

Relnotes:	yes

END