Patch copied from http://w1.fi/security/2015-4/

From 28a069a545b06b99eb55ad53f63f2c99e65a98f6 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 2 May 2015 19:26:28 +0300
Subject: [PATCH 5/5] EAP-pwd peer: Fix asymmetric fragmentation behavior

The L (Length) and M (More) flags needs to be cleared before deciding
whether the locally generated response requires fragmentation. This
fixes an issue where these flags from the server could have been invalid
for the following message. In some cases, this could have resulted in
triggering the wpabuf security check that would terminate the process
due to invalid buffer allocation.

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 src/eap_peer/eap_pwd.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
index 1d2079b..e58b13a 100644
--- a/src/eap_peer/eap_pwd.c
+++ b/src/eap_peer/eap_pwd.c
@@ -968,6 +968,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
 	/*
 	 * we have output! Do we need to fragment it?
 	 */
+	lm_exch = EAP_PWD_GET_EXCHANGE(lm_exch);
 	len = wpabuf_len(data->outbuf);
 	if ((len + EAP_PWD_HDR_SIZE) > data->mtu) {
 		resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PWD, data->mtu,
-- 
1.9.1

94597f1e78776f854eeca46c03a3aded8466'>tree</a><a href='/guix/commit/gnu/packages/time.scm?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>commit</a><a href='/guix/diff/gnu/packages/time.scm?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/time.scm'>
<input type='hidden' name='id' value='1f7d94597f1e78776f854eeca46c03a3aded8466'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>root</a>/<a href='/guix/log/gnu?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>gnu</a>/<a href='/guix/log/gnu/packages?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>packages</a>/<a href='/guix/log/gnu/packages/time.scm?id=1f7d94597f1e78776f854eeca46c03a3aded8466'>time.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/time.scm?id=1f7d94597f1e78776f854eeca46c03a3aded8466&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-08-13 12:28:46 +0200'>2022-08-13</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=431df1214e5c5819ca22157a8a6d94d1e066a56b'>gnu: python-dateutil: Adjust tests for Pytest 7.</a></td><td>Marius Bakke</td></tr>
<tr><td><span title='2022-06-26 22:10:38 -0400'>2022-06-26</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=ed210c1b8ff95003645499a4b48279a68c4685cf'>gnu: python-setuptools-scm: Move to (gnu packages python-build).</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-06-01 12:42:04 +0300'>2022-06-01</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=64c043e63a4be97f59fd1906c47973a74eedda67'>Merge remote-tracking branch 'origin/master' into staging</a></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2022-05-31 14:53:59 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=979f6b6e1d33164ca3790f01d51101e17335b207'>gnu: Remove python2-iso8601.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:59 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=69e5efbcaf3be1822fd7ba9ece9842da0c0c95a4'>gnu: Remove python2-pytz.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:56 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=dd722fc950ab7df501537254d0800c8ecbbd98a5'>gnu: Remove python2-dateutil.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:40 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=74f9e518c674e25ff4598c8887461bb26bbfb8ac'>gnu: Remove python2-pyrfc3339.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:40 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=9257f235f09ce9da68b4329ee1ad888eb8e40f52'>gnu: Remove python2-isodate.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:33 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=391251a74ca230555277055e2ae23c59ee49116b'>gnu: Remove python2-tzdata.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:33 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=1e3beb327d54832192cbf2bb12e00def2ba30625'>gnu: Remove python2-aniso8601.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:33 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=17143c8c4d31a70349262976326bb1017ebee40b'>gnu: Remove python2-parsedatetime.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-31 14:53:33 -0400'>2022-05-31</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=041c048119f13e40527ccc20a0819fce4c8663a9'>gnu: Remove python2-monotonic.</a></td><td>Maxim Cournoyer</td></tr>
<tr><td><span title='2022-05-16 11:14:42 +0300'>2022-05-16</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=e5e0e283ffd92f153303401c39dfcc1d8dde4f96'>Merge branch 'master' into staging</a></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2022-05-15 20:22:02 -0400'>2022-05-15</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=40a729a0e6f1d660b942241416c1e2c567616d4d'>gnu: Fix the build of wicd.</a></td><td>Leo Famulari</td></tr>
<tr><td><span title='2022-05-08 00:11:28 -0400'>2022-05-08</span></td><td><a href='/guix/commit/gnu/packages/time.scm?id=466e12c18bfb2afc9be947c19babf9e19d31c3ab'>gnu: python-pytz: Update to 2022.1.</a></td><td>Leo Famulari</td></tr>