OSV:DSA-3397-1
Nov 10, 2015 - 12:00 a.m.

wpa - security update

2015-11-10 00:00:00
Google
osv.dev
10

EPSS: 0.075 (Low), Percentile: 94.1%

Several vulnerabilities have been discovered in wpa_supplicant and
hostapd. The Common Vulnerabilities and Exposures project identifies the
following problems:

  • CVE-2015-4141
    Kostya Kortchinsky of the Google Security Team discovered a
    vulnerability in the WPS UPnP function with HTTP chunked transfer
    encoding which may result in a denial of service.
  • CVE-2015-4142
    Kostya Kortchinsky of the Google Security Team discovered a
    vulnerability in the WMM Action frame processing which may result in
    a denial of service.
  • CVE-2015-4143
    CVE-2015-4144
    CVE-2015-4145
    CVE-2015-4146
    Kostya Kortchinsky of the Google Security Team discovered that
    EAP-pwd payload is not properly validated which may result in a
    denial of service.
  • CVE-2015-5310
    Jouni Malinen discovered a flaw in the WMM Sleep Mode Response frame
    processing. A remote attacker can take advantage of this flaw to
    mount a denial of service.
  • CVE-2015-5314
    CVE-2015-5315
    Jouni Malinen discovered a flaw in the handling of EAP-pwd messages
    which may result in a denial of service.
  • CVE-2015-5316
    Jouni Malinen discovered a flaw in the handling of EAP-pwd Confirm
    messages which may result in a denial of service.
  • CVE-2015-8041
    Incomplete WPS and P2P NFC NDEF record payload length validation may
    result in a denial of service.

For the oldstable distribution (wheezy), these problems have been fixed
in version 1.0-3+deb7u3. The oldstable distribution (wheezy) is only
affected by CVE-2015-4141, CVE-2015-4142, CVE-2015-4143 and
CVE-2015-8041.

For the stable distribution (jessie), these problems have been fixed in
version 2.3-1+deb8u3.

We recommend that you upgrade your wpa packages.

CPE

Name  Operator  Version
wpa   eq        2.3-1
wpa   eq        2.3-1+deb8u1
wpa   eq        2.3-1+deb8u2