SUSE Package Hub - openSUSE-2022-56

Update Info

openSUSE-2022-56

Security update for connman

Type: security

Severity: important

Issued: 2022-03-01

Description:

This update for connman fixes the following issues:

Update to 1.41: (boo#1194177, boo#1194176, boo#1194175)

* Fix issue with RTNL netlink message alignment.
* Fix issue with dnsproxy and timeout for TCP feature. (CVE-2022-23097, CVE-2022-23096)
* Fix issue with dnsproxy and busy loop in TCP server. (CVE-2022-23098)
* Fix issue with WiFi connection with no passphrase.
* Add support for wpa_supplicant and WPA3-SAE functionality.
* Add support for D-Bus ObjectManager interface.
- Add systemd hardening configuration
- Disabled openconnect plugin due to version conflict
- Disabled vpnc plugin for i568 missing dependency
- Disabled hh2serial and tist_working for ppc64le due to version conflict

References

CVE: CVE-2022-23098
CVE: CVE-2022-23097
CVE: CVE-2022-23096
Bugzilla: 1194177 VUL-0: CVE-2022-23098: connman: dnsproxy TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data
Bugzilla: 1194176 VUL-0: CVE-2022-23096: connman: dnsproxy TCP Receive Path does not Check for Presence of Sufficient Header Data
Bugzilla: 1194175 VUL-0: CVE-2022-23097: connman: Invalid memory reference in `strnlen` call in `forward_dns_reply()`

Packages

connman-1.41-bp153.2.3.1