[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 3397-1] connman security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3397-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                           Chris Lamb
April 21, 2023                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : connman
Version        : 1.36-2.1~deb10u4
CVE ID         : CVE-2023-28488
Debian Bug     : 1034393

It was discovered that there was a potential denial of service
vulnerabilty in connman, a command-line network manager designed for
use on embedded devices.

Network-adjacent attackers operating a crafted DHCP server could have
caused a stack-based buffer overflow, resulting in a denial of
service through terminating the connman process.

For Debian 10 buster, this problem has been fixed in version
1.36-2.1~deb10u4.

We recommend that you upgrade your connman packages.

For the detailed security status of connman please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/connman

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmRCfDMACgkQHpU+J9Qx
HlibNBAAwZ1xeV0kYFXqE7H+yig1LveCS/Kh6/OcmCG/7Gxa8+1HPF98PCmjfxwr
pH0xndy/Xb+zFQVXxBzn91mJBU8cxMIhqicQdYpj6o1lryfsLLYYVVSKXt31bnQb
DI2Y+5IWC7cHSLA1XHZMC4lW3ZksLttS5Tlj2nCl/ENf7K00CaIBnlF0jnLomGXQ
I1HisTb6Qq4E5F4pRKmO+HXE+o+OuY0SljwFl3WkUowo8gcp4RL5k9xzPah97X1k
G4NZ+VFcSiXzEzQ8nLeQFPjWlIYNNTZzN+98R6RXssdqZPFj8cdY2FXkZRgQOccJ
W84EbPEnl+x9VPc2Ea9lQDDeMLB+0XHThx4P7/wZPrX5AqZzIGZAo0V+xm0zvfcJ
9m1nbUo16NDASzd+yhRPGyEbfugMZWKTE4ulDMMuWXboIsQHwWh+x4LX3KqMZgBD
8EqpURjeZkZNp5aoXwhDohyYJLjfiRGS3R4UqJxpbvXfdjTDdHD3ProTJiUE0c9y
SHSjMYvONNpnQngq7vsELi+TPzvyKFgcaQoSLH+W0ztAEGB0cPvG0tF1AM+WyFP8
E4L/jZNiS+QxA+ijGXwJwvnMjzvu/TO6Ii6q8QcwHheTr3QatkEpC0fW8Y5BTj9d
O+VqL+lLLLK+jlHE5FQy8gbkh3QTutkiPehxYiUTKfa6H8UdUUk=
=M/bg
-----END PGP SIGNATURE-----


Reply to: