diff options
author | Steve Sakoman <steve@sakoman.com> | 2022-02-07 07:09:03 -1000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-23 23:43:42 +0000 |
commit | 0c48142849daf40f85ad4c03887158e6854870b3 (patch) | |
tree | 804bf3a52e24a82376592e9716b80bf82b15ca06 /meta/recipes-connectivity/connman/connman_1.37.bb | |
parent | 9c8b42009673796bd6e7c553203346576c1723e2 (diff) | |
download | poky-0c48142849daf40f85ad4c03887158e6854870b3.tar.gz |
connman: fix CVE-2021-33833
ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based
buffer overflow in uncompress in dnsproxy.c via NAME, RDATA, or
RDLENGTH (for A or AAAA).
Backport patch from:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c
CVE: CVE-2021-33833
(From OE-Core rev: 8eb4fdd19fe4b275c26c49120b364cd24ec151d5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/connman/connman_1.37.bb')
-rw-r--r-- | meta/recipes-connectivity/connman/connman_1.37.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb b/meta/recipes-connectivity/connman/connman_1.37.bb index 096981364f..bdd1e590ec 100644 --- a/meta/recipes-connectivity/connman/connman_1.37.bb +++ b/meta/recipes-connectivity/connman/connman_1.37.bb | |||
@@ -9,6 +9,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ | |||
9 | file://CVE-2021-26675.patch \ | 9 | file://CVE-2021-26675.patch \ |
10 | file://CVE-2021-26676-0001.patch \ | 10 | file://CVE-2021-26676-0001.patch \ |
11 | file://CVE-2021-26676-0002.patch \ | 11 | file://CVE-2021-26676-0002.patch \ |
12 | file://CVE-2021-33833.patch \ | ||
12 | file://CVE-2022-23096-7.patch \ | 13 | file://CVE-2022-23096-7.patch \ |
13 | file://CVE-2022-23098.patch \ | 14 | file://CVE-2022-23098.patch \ |
14 | " | 15 | " |