diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..bcb5994
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/hostapd-2.10.tar.gz
diff --git a/.hostapd.metadata b/.hostapd.metadata
new file mode 100644
index 0000000..28bbf9d
--- /dev/null
+++ b/.hostapd.metadata
@@ -0,0 +1 @@
+1012a46ed74d7760aec3cfe435eb8bac23f5dde9 SOURCES/hostapd-2.10.tar.gz
diff --git a/SOURCES/hostapd.conf b/SOURCES/hostapd.conf
new file mode 100644
index 0000000..1d86ab4
--- /dev/null
+++ b/SOURCES/hostapd.conf
@@ -0,0 +1,40 @@
+#
+# This will give you a minimal, insecure wireless network.
+# 
+# DO NOT BE SATISFIED WITH THAT!!!
+#
+# A complete, well commented example configuration file is
+# available here:
+#
+#	/usr/share/doc/hostapd/hostapd.conf
+#
+# For more information, look here:
+#
+#	http://wireless.kernel.org/en/users/Documentation/hostapd
+#
+
+ctrl_interface=/var/run/hostapd
+ctrl_interface_group=wheel
+
+# Some usable default settings...
+macaddr_acl=0
+auth_algs=1
+ignore_broadcast_ssid=0
+
+# Uncomment these for base WPA & WPA2 support with a pre-shared key
+#wpa=3
+#wpa_key_mgmt=WPA-PSK
+#wpa_pairwise=TKIP
+#rsn_pairwise=CCMP
+
+# DO NOT FORGET TO SET A WPA PASSPHRASE!!
+#wpa_passphrase=YourPassPhrase
+
+# Most modern wireless drivers in the kernel need driver=nl80211
+driver=nl80211
+
+# Customize these for your local configuration...
+interface=
+hw_mode=
+channel=
+ssid=
diff --git a/SOURCES/hostapd.conf.5 b/SOURCES/hostapd.conf.5
new file mode 100644
index 0000000..3e7e2af
--- /dev/null
+++ b/SOURCES/hostapd.conf.5
@@ -0,0 +1,127 @@
+.\" Manpage for hostapd.conf.
+.\" Original scrape of https://www.daemon-systems.org/man/hostapd.conf.5.html
+.\" Contact linville@redhat.com to correct errors or typos.
+.TH hostapd.conf 5 "10 Feb 2021" "1.0" "hostapd.conf man page"
+.SH NAME
+hostapd.conf \- configuration file for hostapd(8) utility
+.SH DESCRIPTION
+The hostapd.conf utility is an authenticator for IEEE 802.11 networks.
+It provides full support for WPA/IEEE 802.11i and can also act as an IEEE
+802.1X Authenticator with a suitable backend Authentication Server
+(typically FreeRADIUS).
+The configuration file consists of global parameters and domain specific
+configuration:
+.P
+\(bu IEEE 802.1X-2004
+.P
+\(bu RADIUS client
+.P
+\(bu RADIUS authentication server
+.P
+\(bu WPA/IEEE 802.11i
+.SH GLOBAL PARAMETERS
+The following parameters are recognized:
+.SS interface
+Interface name.  Should be set in "hostap" mode.
+.SS debug
+Debugging mode: 0 = no, 1 = minimal, 2 = verbose, 3 = msg dumps,
+4 = excessive.
+.SS dump_file
+Dump file for state information (on SIGUSR1).
+.SS ctrl_interface
+The pathname of the directory in which hostapd(8) creates UNIX
+domain socket files for communication with frontend programs such
+as hostapd_cli(8).
+.SS ctrl_interface_group
+A group name or group ID to use in setting protection on the
+control interface file.  This can be set to allow non-root users
+to access the control interface files.  If no group is specified,
+the group ID of the control interface is not modified and will,
+typically, be the group ID of the directory in which the socket
+is created.
+.SH IEEE 802.1X-2004 PARAMETERS
+The following parameters are recognized:
+.SS ieee8021x
+Require IEEE 802.1X authorization.
+.SS eap_message
+Optional displayable message sent with EAP Request-Identity.
+.SS wep_key_len_broadcast
+Key lengths for broadcast keys.
+.SS wep_key_len_unicast
+Key lengths for unicast keys.
+.SS wep_rekey_period
+Rekeying period in seconds.
+.SS eapol_key_index_workaround
+EAPOL-Key index workaround (set bit7) for WinXP Supplicant.
+.SS eap_reauth_period
+EAP reauthentication period in seconds.  To disable
+reauthentication, use "0".
+.SH RADIUS CLIENT PARAMETERS
+The following parameters are recognized:
+.SS own_ip_addr
+The own IP address of the access point (used as NAS-IP-Address).
+.SS nas_identifier
+Optional NAS-Identifier string for RADIUS messages.
+.SS auth_server_addr, auth_server_port, auth_server_shared_secret
+RADIUS authentication server parameters.  Can be defined twice
+for secondary servers to be used if primary one does not reply to
+RADIUS packets.
+.SS acct_server_addr, acct_server_port, acct_server_shared_secret
+RADIUS accounting server parameters.  Can be defined twice for
+secondary servers to be used if primary one does not reply to
+RADIUS packets.
+.SS radius_retry_primary_interval
+Retry interval for trying to return to the primary RADIUS server
+(in seconds).
+.SS radius_acct_interim_interval
+Interim accounting update interval.  If this is set (larger than
+0) and acct_server is configured, hostapd(8) will send interim
+accounting updates every N seconds.
+.SH RADIUS AUTHENTICATION SERVER PARAMETERS
+The following parameters are recognized:
+.SS radius_server_clients
+File name of the RADIUS clients configuration for the RADIUS
+server.  If this is commented out, RADIUS server is disabled.
+.SS radius_server_auth_port
+The UDP port number for the RADIUS authentication server.
+.SS radius_server_ipv6
+Use IPv6 with RADIUS server.
+.SH WPA/IEEE 802.11i PARAMETERS
+The following parameters are recognized:
+.SS wpa
+Enable WPA.  Setting this variable configures the AP to require
+WPA (either WPA-PSK or WPA-RADIUS/EAP based on other
+configuration).
+.SS wpa_psk, wpa_passphrase
+WPA pre-shared keys for WPA-PSK.  This can be either entered as a
+256-bit secret in hex format (64 hex digits), wpa_psk, or as an
+ASCII passphrase (8..63 characters) that will be converted to
+PSK.  This conversion uses SSID so the PSK changes when ASCII
+passphrase is used and the SSID is changed.
+.SS wpa_psk_file
+Optionally, WPA PSKs can be read from a separate text file
+(containing a list of (PSK,MAC address) pairs.
+.SS wpa_key_mgmt
+Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or
+both).
+.SS wpa_pairwise
+Set of accepted cipher suites (encryption algorithms) for
+pairwise keys (unicast packets).  See the example file for more
+information.
+.SS wpa_group_rekey
+Time interval for rekeying GTK (broadcast/multicast encryption
+keys) in seconds.
+.SS wpa_strict_rekey
+Rekey GTK when any STA that possesses the current GTK is leaving
+the BSS.
+.SS wpa_gmk_rekey
+Time interval for rekeying GMK (master key used internally to
+generate GTKs (in seconds).
+.SH SEE ALSO
+hostapd(8), hostapd_cli(8), /usr/share/examples/hostapd/hostapd.conf
+.SH HISTORY
+The hostapd.conf manual page and hostapd(8) functionality first appeared
+in NetBSD 4.0.
+.SH AUTHORS
+This manual page is derived from the README and hostapd.conf files in the
+hostapd distribution provided by Jouni Malinen <jkmaline@cc.hut.fi>.
diff --git a/SOURCES/hostapd.init b/SOURCES/hostapd.init
new file mode 100644
index 0000000..707761a
--- /dev/null
+++ b/SOURCES/hostapd.init
@@ -0,0 +1,89 @@
+#!/bin/bash
+#
+# hostapd 
+#
+# chkconfig:   - 23 88
+# description: hostapd is a user space daemon for access point and
+#     authentication servers.  It implements IEEE 802.11 access point
+#     management, IEEE 802.1X/WPA/WPA2/EAP Authenticators and RADIUS
+#     authentication server.
+# processname: hostapd
+# config:      /etc/hostapd/hostapd.conf
+#
+### BEGIN INIT INFO
+# Provides: hostapd
+# Required-Start: $network
+# Required-Stop: $network
+# Default-Start:
+# Default-Stop: 0 1 6
+# Short-Description: start and stop hostapd
+# Description: IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Source networking configuration.
+. /etc/sysconfig/network
+
+exec="/usr/sbin/hostapd"
+prog=hostapd
+conf="/etc/hostapd/hostapd.conf"
+lockfile=/var/lock/subsys/$prog
+
+[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
+
+start() {
+ 	echo -n $"Starting $prog: $conf"
+	daemon $prog -B $OTHER_ARGS $conf
+	retval=$?
+	echo
+	[ $retval -eq 0 ] && touch $lockfile
+	return $retval
+}
+
+stop() {
+	echo -n $"Stopping $prog: "
+	killproc $prog
+	retval=$?
+	echo
+	[ $retval -eq 0 ] && rm -f $lockfile
+	return $retval
+}
+
+restart() {
+	stop
+	start
+}
+
+reload() {
+	restart
+}
+
+force_reload() {
+	restart
+}
+
+fdr_status() {
+	status $prog
+}
+
+
+case "$1" in
+	start|stop|restart|reload)
+  		$1
+		;;
+	force-reload)
+		force_reload
+		;;
+	status)
+		fdr_status
+		;;
+	condrestart|try-restart)
+		[ -f $lockfile ] && restart
+		;;
+	*)
+		echo $"Usage: $0 {start|stop|status|restart|try-restart|reload|force-reload}"
+		exit 1
+esac
+
diff --git a/SOURCES/hostapd.service b/SOURCES/hostapd.service
new file mode 100644
index 0000000..d7c2ca0
--- /dev/null
+++ b/SOURCES/hostapd.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
+After=network.target
+
+[Service]
+Type=forking
+PIDFile=/run/hostapd.pid
+EnvironmentFile=/etc/sysconfig/hostapd
+ExecStart=/usr/sbin/hostapd /etc/hostapd/hostapd.conf -P /run/hostapd.pid -B $OTHER_ARGS
+
+[Install]
+WantedBy=multi-user.target
diff --git a/SOURCES/hostapd.sysconfig b/SOURCES/hostapd.sysconfig
new file mode 100644
index 0000000..1d9f8e3
--- /dev/null
+++ b/SOURCES/hostapd.sysconfig
@@ -0,0 +1,5 @@
+# Other arguments
+#   -d   show more debug messages (-dd for even more)
+#   -K   include key data in debug messages
+#   -t   include timestamps in some debug messages
+OTHER_ARGS=""
diff --git a/SPECS/hostapd.spec b/SPECS/hostapd.spec
new file mode 100644
index 0000000..e45644a
--- /dev/null
+++ b/SPECS/hostapd.spec
@@ -0,0 +1,470 @@
+%global _hardened_build 1
+
+Name:           hostapd
+Version:        2.10
+Release:        1%{?dist}
+Summary:        IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
+License:        BSD
+URL:            http://w1.fi/hostapd
+
+Source0:        http://w1.fi/releases/%{name}-%{version}.tar.gz
+Source1:        %{name}.service
+Source2:        %{name}.conf
+Source3:        %{name}.conf.5
+Source4:        %{name}.sysconfig
+Source5:        %{name}.init
+
+BuildRequires:  libnl3-devel
+BuildRequires:  openssl-devel
+BuildRequires:  perl-generators
+BuildRequires:  gcc
+
+%if 0%{?fedora} || 0%{?rhel} >= 7
+BuildRequires:      systemd
+BuildRequires: make
+Requires(post):     systemd
+Requires(preun):    systemd
+Requires(postun):   systemd
+%endif
+
+%if 0%{?rhel} == 6
+Requires(post):     /sbin/chkconfig
+Requires(preun):    /sbin/chkconfig
+Requires(preun):    /sbin/service
+Requires(postun):   /sbin/service
+%endif
+
+%description
+%{name} is a user space daemon for access point and authentication servers. It
+implements IEEE 802.11 access point management, IEEE 802.1X/WPA/WPA2/EAP
+Authenticators and RADIUS authentication server.
+
+%{name} is designed to be a "daemon" program that runs in the back-ground and
+acts as the backend component controlling authentication. %{name} supports
+separate frontend programs and an example text-based frontend, hostapd_cli, is
+included with %{name}.
+
+%package logwatch
+Summary:        Logwatch scripts for hostapd
+Requires:       %{name} = %{version}-%{release}
+Requires:       logwatch
+%if 0%{?rhel} == 6 || 0%{?rhel} == 7
+Requires:       perl
+%else
+Requires:       perl-interpreter
+%endif
+
+%description logwatch
+Logwatch scripts for hostapd.
+
+%prep
+%setup -q
+
+%build
+cd hostapd
+cat defconfig | sed \
+    -e '$ a CONFIG_SAE=y' \
+    -e '$ a CONFIG_SUITEB192=y' \
+    -e '$ a CONFIG_TLS_DEFAULT_CIPHERS="PROFILE=SYSTEM:3DES"' \
+    -e '/^#CONFIG_DRIVER_NL80211=y/s/^#//' \
+    -e '/^#CONFIG_RADIUS_SERVER=y/s/^#//' \
+    -e '/^#CONFIG_DRIVER_WIRED=y/s/^#//' \
+    -e '/^#CONFIG_DRIVER_NONE=y/s/^#//' \
+    -e '/^#CONFIG_IEEE80211N=y/s/^#//' \
+    -e '/^#CONFIG_IEEE80211R=y/s/^#//' \
+    -e '/^#CONFIG_IEEE80211AC=y/s/^#//' \
+    -e '/^#CONFIG_FULL_DYNAMIC_VLAN=y/s/^#//' \
+    -e '/^#CONFIG_LIBNL32=y/s/^#//' \
+    -e '/^#CONFIG_ACS=y/s/^#//' \
+    -e '/^#CONFIG_OWE=y/s/^#//' \
+    > .config
+echo "CFLAGS += -I%{_includedir}/libnl3" >> .config
+echo "LIBS += -L%{_libdir}" >> .config
+export CFLAGS="${CFLAGS:-%optflags} -fPIE -DPIE"
+export CXXFLAGS="${CXXFLAGS:-%optflags} -fPIE -DPIE"
+export LDFLAGS="${LDFLAGS:-%optflags} -pie -Wl,-z,now"
+make %{?_smp_mflags} V=1
+
+%install
+%if 0%{?fedora} || 0%{?rhel} >= 7
+
+# Systemd unit files
+install -p -m 644 -D %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
+
+%else
+
+# Initscripts
+install -p -m 755 -D %{SOURCE5} %{buildroot}%{_initrddir}/%{name}
+
+%endif
+
+# logwatch files
+install -d %{buildroot}/%{_sysconfdir}/logwatch/conf/services
+install -pm 0644 %{name}/logwatch/%{name}.conf  \
+        %{buildroot}/%{_sysconfdir}/logwatch/conf/services/%{name}.conf
+install -d %{buildroot}/%{_sysconfdir}/logwatch/scripts/services
+install -pm 0755 %{name}/logwatch/%{name} \
+        %{buildroot}/%{_sysconfdir}/logwatch/scripts/services/%{name}
+
+# config files
+install -d %{buildroot}/%{_sysconfdir}/%{name}
+install -pm 0600 %{SOURCE2} %{buildroot}/%{_sysconfdir}/%{name}
+
+install -d %{buildroot}/%{_sysconfdir}/sysconfig
+install -pm 0644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/%{name}
+
+# binaries
+install -d %{buildroot}/%{_sbindir}
+install -pm 0755 %{name}/%{name} %{buildroot}%{_sbindir}/%{name}
+install -pm 0755 %{name}/%{name}_cli %{buildroot}%{_sbindir}/%{name}_cli
+
+# man pages
+install -d %{buildroot}%{_mandir}/man{1,5,8}
+install -pm 0644 %{name}/%{name}_cli.1 %{buildroot}%{_mandir}/man1
+install -pm 0644 %{SOURCE3} %{buildroot}%{_mandir}/man5
+install -pm 0644 %{name}/%{name}.8 %{buildroot}%{_mandir}/man8
+
+# prepare docs
+cp %{name}/README ./README.%{name}
+cp %{name}/README-WPS ./README-WPS.%{name}
+cp %{name}/logwatch/README ./README.logwatch
+
+%if 0%{?fedora} || 0%{?rhel} >= 7
+
+%post
+%systemd_post %{name}.service
+
+%preun
+%systemd_preun %{name}.service
+
+%postun
+%systemd_postun_with_restart %{name}.service
+
+%endif
+
+%if 0%{?rhel} == 6
+
+%post
+/sbin/chkconfig --add %{name}
+
+%preun
+if [ $1 -eq 0 ]; then
+    /sbin/service %{name} stop >/dev/null 2>&1 || :
+    /sbin/chkconfig --del %{name}
+fi
+
+%postun
+if [ $1 -ge 1 ]; then
+    /sbin/service %{name} condrestart >/dev/null 2>&1 || :
+fi
+
+%endif
+
+%files
+%license COPYING
+%doc README README.hostapd README-WPS.hostapd
+%doc %{name}/%{name}.conf %{name}/wired.conf
+%doc %{name}/%{name}.accept %{name}/%{name}.deny
+%doc %{name}/%{name}.eap_user %{name}/%{name}.radius_clients
+%doc %{name}/%{name}.vlan %{name}/%{name}.wpa_psk
+%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf
+%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
+%{_sbindir}/%{name}
+%{_sbindir}/%{name}_cli
+%dir %{_sysconfdir}/%{name}
+%{_mandir}/man1/*
+%{_mandir}/man5/*
+%{_mandir}/man8/*
+%if 0%{?fedora} || 0%{?rhel} >= 7
+%{_unitdir}/%{name}.service
+%else
+%{_initrddir}/%{name}
+%endif
+
+%files logwatch
+%doc %{name}/logwatch/README
+%config(noreplace) %{_sysconfdir}/logwatch/conf/services/%{name}.conf
+%{_sysconfdir}/logwatch/scripts/services/%{name}
+
+%changelog
+* Fri Jan 21 2022 Davide Caratti <dcaratti@redhat.com> - 2.10-1
+- Update to version 2.10
+
+* Wed Dec 22 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-17
+- fix typo while enabling support for suite B-192
+
+* Wed Dec 22 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-16
+- fix CONFIG_TLS_DEFAULT_CIPHERS to allow 3DES
+
+* Mon Dec 20 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-15
+- Disable 'badfuncs' in rpminspect tests
+- Build with -fPIE, and enable verbose build log
+- enable CONFIG_SUITEB192
+
+* Fri Dec 17 2021 Tomas Pelka <tpelka@redhat.com> - 2.9-14
+- Bump release and rebuilt to trigger gating process
+
+* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.9-13
+- Rebuilt with OpenSSL 3.0.0
+
+* Fri Sep  3 2021 Davide Caratti <dcaratti@redhat.com> - 2.9-12
+- backport fix for NetworkManager-ci failures with openssl-3.0.0
+
+* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Tue May 11 2021 John W. Linville <linville@redhat.com> - 2.9-10
+- Enable CONFIG_OWE build option in order to provide WPA3 capability
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 2.9-9
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Wed Feb 10 2021 John W. Linville <linville@redhat.com> - 2.9-8
+- Add hostapd.conf.5 man file, with content borrowed from NetBSD
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Dec 10 2020 John W. Linville <linville@redhat.com> - 2.9-6
+- Enable environment file in hostapd service definition
+
+* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jun 24 2020 John W. Linville <linville@redhat.com> - 2.9-4
+- Fix CVE-2020-12695 (UPnP SUBSCRIBE misbehavior in hostapd WPS AP)
+
+* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Wed Oct 30 2019 John W. Linville <linville@redhat.com> - 2.9-2
+- Fix CVE-2019-16275 (AP mode PMF disconnection protection bypass)
+
+* Fri Aug 09 2019 John W. Linville <linville@redhat.com> - 2.9-1
+- Update to version 2.9 from upstream
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Wed Jul 03 2019 Lubomir Rintel <lkundrak@v3.sk> - 2.8-2
+- Enable SAE
+
+* Wed May 15 2019 John W. Linville <linville@redhat.com> - 2.8-1
+- Update to version 2.8 from upstream
+- Drop obsoleted patches
+
+* Fri Apr 12 2019 John W. Linville <linville@redhat.com> - 2.7-2
+- Bump N-V-R for rebuild
+
+* Fri Apr 12 2019 John W. Linville <linville@redhat.com> - 2.7-1
+- Update to version 2.7 from upstream
+- Remove obsolete patches for NL80211_ATTR_SMPS_MODE encoding and KRACK
+- Fix CVE-2019-9494 (cache attack against SAE)
+- Fix CVE-2019-9495 (cache attack against EAP-pwd)
+- Fix CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)
+- Fix CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
+- Fix CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
+- Fix CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)
+
+* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Fri Jul 20 2018 John W. Linville <linville@redhat.com> - 2.6-11
+- Add previously unnecessary BuildRequires for gcc
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Tue May 29 2018 Davide Caratti <dcaratti@redhat.com> - 2.6-9
+- backport fix for Fix NL80211_ATTR_SMPS_MODE encoding (rh #1582839)
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Dec 07 2017 Simone Caronni <negativo17@gmail.com> - 2.6-7
+- Fix dependencies on the logwatch package for RHEL/CentOS.
+
+* Fri Nov 03 2017 Xavier Bachelot <xavier@bachelot.org> - 2.6-6
+- Add patches for KRACK : CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
+  CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086,
+  CVE-2017-13087, CVE-2017-13088 (RHBZ#1502588).
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Thu Jul 13 2017 Petr Pisar <ppisar@redhat.com> - 2.6-3
+- perl dependency renamed to perl-interpreter
+  <https://fedoraproject.org/wiki/Changes/perl_Package_to_Install_Core_Modules>
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Mon Oct 03 2016 John W. Linville <linville@redhat.com> - 2.6-1
+- Update to version 2.6 from upstream
+- Remove patch for CVE-2016-4476, now included in base tarball
+
+* Fri Jul 15 2016 John W. Linville <linville@redhat.com> - 2.5-5
+- Bump NVR and rebuild to resolve GLIBC_2.24 symbol issue
+
+* Mon Jun 06 2016 John W. Linville <linville@redhat.com> - 2.5-4
+- Add WPS patch for CVE-2016-4476
+
+* Tue Apr 19 2016 Sascha Spreitzer <sspreitz@redhat.com> - 2.5-3
+- Enable ACS feature (automatic channel switching)
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Tue Oct 13 2015 John W. Linville <linville@redhat.com> - 2.5-1
+- Update to version 2.5 from upstream
+- Remove patches made redundant by version update
+
+* Fri Jul 10 2015 John W. Linville <linville@redhat.com> - 2.4-3
+- apply fix for NDEF record payload length checking
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Fri May 15 2015 John W. Linville <linville@redhat.com> - 2.4-2
+- apply fix for underflow in WMM action frame parser
+
+* Tue Apr 21 2015 John W. Linville <linville@redhat.com> - 2.4-1
+- Update to version 2.4 from upstream
+- Enable support for IEEE802.11r and IEEE802.11ac
+
+* Wed Feb  4 2015 John W. Linville <linville@redhat.com> - 2.3-4
+- Use %%license instead of %%doc for file containing license information
+
+* Sun Nov 02 2014 poma <poma@gmail.com> - 2.3-3
+- Further simplify hostapd.conf installation
+- Rebase "EAP-TLS server" patch to 2.3
+
+* Tue Oct 28 2014 John W. Linville <linville@redhat.com> - 2.3-2
+- Remove version info from /usr/share/doc/hostapd/hostapd.conf
+
+* Thu Oct 23 2014 John W. Linville <linville@redhat.com> - 2.3-1
+- Update to version 2.3 from upstream
+
+* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Thu Jun  5 2014 John W. Linville <linville@redhat.com> - 2.2-1
+- Update to version 2.2 from upstream
+
+* Sat Feb 22 2014 Simone Caronni <negativo17@gmail.com> - 2.1-2
+- Re-enable drivers (#1068849).
+
+* Fri Feb 14 2014 John W. Linville <linville@redhat.com> - 2.1-1
+- Update to version 2.1 from upstream
+- Remove obsolete patch for libnl build documentation
+
+* Mon Feb 03 2014 Simone Caronni <negativo17@gmail.com> - 2.0-6
+- Add libnl build documentation and switch libnl-devel to libnl3-devel build
+  dependency (#1041471).
+
+* Fri Nov 22 2013 John W. Linville <linville@redhat.com> - 2.0-5
+- Enable CONFIG_FULL_DYNAMIC_VLAN build option
+
+* Wed Aug 07 2013 Simone Caronni <negativo17@gmail.com> - 2.0-4
+- Add EPEL 6 support.
+- Remove obsolete EPEL 5 tags.
+- Little spec file formatting.
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 2.0-2
+- Perl 5.18 rebuild
+
+* Thu May 30 2013 John W. Linville <linville@redhat.com> - 2.0-1
+- Update to version 2.0 from upstream
+- Convert to use of systemd-rpm macros
+- Build with PIE flags
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Mon Oct  8 2012 John W. Linville <linville@redhat.com> - 1.0-3
+- EAP-TLS: Add extra validation for TLS Message Length
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jun  8 2012 John W. Linville <linville@redhat.com> - 1.0-1
+- Update to version 1.0 from upstream
+
+* Fri Jun  8 2012 John W. Linville <linville@redhat.com> - 0.7.3-9
+- Remove hostapd-specific runtime state directory
+
+* Wed Jun  6 2012 John W. Linville <linville@redhat.com> - 0.7.3-8
+- Fixup typo in pid file path in hostapd.service
+
+* Wed May 30 2012 John W. Linville <linville@redhat.com> - 0.7.3-7
+- Add BuildRequires for systemd-units
+
+* Fri May 25 2012 John W. Linville <linville@redhat.com> - 0.7.3-6
+- Fixup typo in configuration file path in hostapd.service
+- Tighten-up default permissions for hostapd.conf
+
+* Tue Feb 28 2012 Jon Ciesla <limburgher@gmail.com> - 0.7.3-5
+- Migrate to systemd, BZ 770310.
+
+* Wed Jan 18 2012 John W. Linville <linville@redhat.com> - 0.7.3-4
+- Add reference to sample hostapd.conf in the default installed version
+- Include README-WPS from the hostapd distribution as part of the docs
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.3-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Thu Dec 23 2010 John W. Linville <linville@redhat.com> - 0.7.3-1
+- Update to version 0.7.3
+
+* Wed Nov 24 2010 John W. Linville <linville@redhat.com> - 0.6.10-3
+- Use ghost directive for /var/run/hostapd
+- Remove some rpmlint warnings
+
+* Thu May 27 2010 John W. Linville <linville@redhat.com> - 0.6.10-2
+- Move DTIM period configuration into Beacon set operation
+
+* Mon May 10 2010 John W. Linville <linville@redhat.com> - 0.6.10-1
+- Update to version 0.6.10
+
+* Tue Jan 19 2010 John W. Linville <linville@redhat.com> - 0.6.9-8
+- Do not compress man pages manually in spec file
+- Correct date of previous changelog entry
+
+* Thu Jan 14 2010 John W. Linville <linville@redhat.com> - 0.6.9-7
+- Enable 802.11n support
+
+* Thu Dec 17 2009 John W. Linville <linville@redhat.com> - 0.6.9-6
+- Enable RADIUS server
+- Enable "wired" and "none" drivers
+- Use BSD license option
+
+* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-5
+- Use openssl instead of gnutls (broken)
+
+* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-4
+- Remove wired.conf from doc (not in chosen configuration)
+- Use $RPM_OPT_FLAGS
+- Add dist tag
+
+* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-3
+- Use gnutls instead of openssl
+- Turn-off internal EAP server (broken w/ gnutls)
+- Remove doc files not applicable to chosen configuration
+- Un-mangle README filename for logwatch sub-package
+
+* Wed Dec 16 2009 John W. Linville <linville@redhat.com> - 0.6.9-2
+- Initial build
+- Start release at 2 to avoid conflicts w/ previous attempts by others