SUSE Package Hub - openSUSE-2022-10134

Update Info

openSUSE-2022-10134

Security update for connman

Type: security

Severity: critical

Issued: 2022-09-30

Description:

This update for connman fixes the following issues:

- CVE-2022-32292: Add refcounting to wispr portal detection to avoid heap overflow (boo#1200190)
- CVE-2022-32292: Fix OOB write in received_data (boo#1200189)

References

CVE: CVE-2022-32293
CVE: CVE-2022-32292
Bugzilla: 1200190 VUL-0: CVE-2022-32293: connman: Double-free/Use-after-free in WISPR
Bugzilla: 1200189 VUL-0: CVE-2022-32292: connman: Heap overflow in gweb's received_data()

Packages

connman-1.41-bp153.2.6.1