- update to upstream release 2.6
  * fixed EAP-pwd last fragment validation
    [http://w1.fi/security/2015-7/] (CVE-2015-5314)
  * fixed WPS configuration update vulnerability with malformed passphrase
    [http://w1.fi/security/2016-1/] (CVE-2016-4476)
  * extended channel switch support for VHT bandwidth changes
  * added support for configuring new ANQP-elements with
    anqp_elem=<InfoID>:<hexdump of payload>
  * fixed Suite B 192-bit AKM to use proper PMK length
    (note: this makes old releases incompatible with the fixed behavior)
  * added no_probe_resp_if_max_sta=1 parameter to disable Probe Response
    frame sending for not-associated STAs if max_num_sta limit has been
    reached
  * added option (-S as command line argument) to request all interfaces
    to be started at the same time
  * modified rts_threshold and fragm_threshold configuration parameters
    to allow -1 to be used to disable RTS/fragmentation
  * EAP-pwd: added support for Brainpool Elliptic Curves
    (with OpenSSL 1.0.2 and newer)
  * fixed EAPOL reauthentication after FT protocol run
  * fixed FTIE generation for 4-way handshake after FT protocol run
  * fixed and improved various FST operations
  * TLS server
    - support SHA384 and SHA512 hashes
    - support TLS v1.2 signature algorithm with SHA384 and SHA512
    - support PKCS #5 v2.0 PBES2
    - support PKCS #5 with PKCS #12 style key decryption
    - minimal support for PKCS #12
    - support OCSP stapling (including ocsp_multi)
  * added support for OpenSSL 1.1 API changes

• Files Changed
• Browse Source