connman: fix CVE-2022-23098

An issue was discovered in the DNS proxy in Connman through 1.40.
The TCP server reply implementation has an infinite loop if no
data is received.

Backport patch from:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d8708b85c1e8fe25af7803e8a20cf20e7201d8a4

CVE: CVE-2022-23098

(From OE-Core rev: af56acf66b4196c961a20ec59faa580cc3e3ee23)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 1 insertions, 0 deletions

diff --git a/meta/recipes-connectivity/connman/connman_1.37.bb b/meta/recipes-connectivity/connman/connman_1.37.bb
index e3ea3cd065..096981364f 100644
--- a/meta/recipes-connectivity/connman/connman_1.37.bb
+++ b/meta/recipes-connectivity/connman/connman_1.37.bb
@@ -10,6 +10,7 @@ SRC_URI  = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
             file://CVE-2021-26676-0001.patch \
             file://CVE-2021-26676-0002.patch \
             file://CVE-2022-23096-7.patch \
+            file://CVE-2022-23098.patch \
 "
 
 SRC_URI_append_libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch"