connman: update 1.41 -> 1.42

Drop backports. 0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch
is partially dropped, as upstream hasn't included the newly added header
into the tarball (issue addressed after the release).

(From OE-Core rev: eeb686876dc560b5f0fab6f37a2def3d78bb55db)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 0 insertions, 63 deletions

diff --git a/meta/recipes-connectivity/connman/connman/0001-gdhcp-Verify-and-sanitize-packet-length-first.patch b/meta/recipes-connectivity/connman/connman/0001-gdhcp-Verify-and-sanitize-packet-length-first.patch
deleted file mode 100644
index 8e2f47a1d5..0000000000
--- a/meta/recipes-connectivity/connman/connman/0001-gdhcp-Verify-and-sanitize-packet-length-first.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 99e2c16ea1cced34a5dc450d76287a1c3e762138 Mon Sep 17 00:00:00 2001
-From: Daniel Wagner <wagi@monom.org>
-Date: Tue, 11 Apr 2023 08:12:56 +0200
-Subject: [PATCH] gdhcp: Verify and sanitize packet length first
-
-Avoid overwriting the read packet length after the initial test. Thus
-move all the length checks which depends on the total length first
-and do not use the total lenght from the IP packet afterwards.
-
-Fixes CVE-2023-28488
-
-Reported by Polina Smirnova <moe.hwr@gmail.com>
-
-CVE: CVE-2023-28488
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
-
----
- gdhcp/client.c | 16 +++++++++-------
- 1 file changed, 9 insertions(+), 7 deletions(-)
-
-diff --git a/gdhcp/client.c b/gdhcp/client.c
-index 7efa7e45..82017692 100644
---- a/gdhcp/client.c
-+++ b/gdhcp/client.c
-@@ -1319,9 +1319,9 @@ static bool sanity_check(struct ip_udp_dhcp_packet *packet, int bytes)
- static int dhcp_recv_l2_packet(struct dhcp_packet *dhcp_pkt, int fd,
-                                struct sockaddr_in *dst_addr)
- {
--       int bytes;
-        struct ip_udp_dhcp_packet packet;
-        uint16_t check;
-+       int bytes, tot_len;
- 
-        memset(&packet, 0, sizeof(packet));
- 
-@@ -1329,15 +1329,17 @@ static int dhcp_recv_l2_packet(struct dhcp_packet *dhcp_pkt, int fd,
-        if (bytes < 0)
-                return -1;
- 
--       if (bytes < (int) (sizeof(packet.ip) + sizeof(packet.udp)))
--               return -1;
--
--       if (bytes < ntohs(packet.ip.tot_len))
-+       tot_len = ntohs(packet.ip.tot_len);
-+       if (bytes > tot_len) {
-+               /* ignore any extra garbage bytes */
-+               bytes = tot_len;
-+       } else if (bytes < tot_len) {
-                /* packet is bigger than sizeof(packet), we did partial read */
-                return -1;
-+       }
- 
--       /* ignore any extra garbage bytes */
--       bytes = ntohs(packet.ip.tot_len);
-+       if (bytes < (int) (sizeof(packet.ip) + sizeof(packet.udp)))
-+               return -1;
- 
-        if (!sanity_check(&packet, bytes))
-                return -1;
--- 
-2.34.1
-