[SECURITY] [DLA 3397-1] connman security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3397-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
April 21, 2023 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : connman
Version : 1.36-2.1~deb10u4
CVE ID : CVE-2023-28488
Debian Bug : 1034393
It was discovered that there was a potential denial of service
vulnerabilty in connman, a command-line network manager designed for
use on embedded devices.
Network-adjacent attackers operating a crafted DHCP server could have
caused a stack-based buffer overflow, resulting in a denial of
service through terminating the connman process.
For Debian 10 buster, this problem has been fixed in version
1.36-2.1~deb10u4.
We recommend that you upgrade your connman packages.
For the detailed security status of connman please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/connman
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmRCfDMACgkQHpU+J9Qx
HlibNBAAwZ1xeV0kYFXqE7H+yig1LveCS/Kh6/OcmCG/7Gxa8+1HPF98PCmjfxwr
pH0xndy/Xb+zFQVXxBzn91mJBU8cxMIhqicQdYpj6o1lryfsLLYYVVSKXt31bnQb
DI2Y+5IWC7cHSLA1XHZMC4lW3ZksLttS5Tlj2nCl/ENf7K00CaIBnlF0jnLomGXQ
I1HisTb6Qq4E5F4pRKmO+HXE+o+OuY0SljwFl3WkUowo8gcp4RL5k9xzPah97X1k
G4NZ+VFcSiXzEzQ8nLeQFPjWlIYNNTZzN+98R6RXssdqZPFj8cdY2FXkZRgQOccJ
W84EbPEnl+x9VPc2Ea9lQDDeMLB+0XHThx4P7/wZPrX5AqZzIGZAo0V+xm0zvfcJ
9m1nbUo16NDASzd+yhRPGyEbfugMZWKTE4ulDMMuWXboIsQHwWh+x4LX3KqMZgBD
8EqpURjeZkZNp5aoXwhDohyYJLjfiRGS3R4UqJxpbvXfdjTDdHD3ProTJiUE0c9y
SHSjMYvONNpnQngq7vsELi+TPzvyKFgcaQoSLH+W0ztAEGB0cPvG0tF1AM+WyFP8
E4L/jZNiS+QxA+ijGXwJwvnMjzvu/TO6Ii6q8QcwHheTr3QatkEpC0fW8Y5BTj9d
O+VqL+lLLLK+jlHE5FQy8gbkh3QTutkiPehxYiUTKfa6H8UdUUk=
=M/bg
-----END PGP SIGNATURE-----
Reply to: