An issue has been found in wpa, a set of tools to support WPA and WPA2 (IEEE 802.11i). Missing validation of data can result in a buffer over-write, which might lead to a DoS of the wpa_supplicant process or potentially arbitrary code execution.
The mentioned support for WPA-EAP-SUITE-B(-192) in the changelog does not affect the version in Jessie.
For Debian 8 jessie, these problems have been fixed in version 2.3-1+deb8u12.
We recommend that you upgrade your wpa packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/