linux/poky.git/meta/recipes-connectivity/connman/connman_1.42.bb, branch yocto-5.0.10Mirror of git.yoctoproject.org/pokyhttps://git.enea.com/cgit/linux/poky.git/atom?h=yocto-5.0.102025-05-27T16:38:57+00:00connman :fix CVE-2025-323662025-05-27T16:38:57+00:00Praveen Kumarpraveen.kumar@windriver.com2025-05-15T06:12:22+00:00urn:sha1:f80b122315a3a8168152c0cee5a004761c602073
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen) without a check for whether
the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be
larger than the amount of remaining packet data in the current state
of parsing. Values of stack memory locations may be sent over the
network in a response.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32366
Upstream-patch:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4
(From OE-Core rev: 02e046149b1cc5eca5188eec7b4e1a9970b97faf)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
connman :fix CVE-2025-327432025-05-14T16:08:57+00:00Praveen Kumarpraveen.kumar@windriver.com2025-05-07T06:51:15+00:00urn:sha1:86ea2699ac0e8fddcd5b03e71e05556fe466627d
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
can be NULL or an empty string when the TC (Truncated) bit is set in
a DNS response. This allows attackers to cause a denial of service
(application crash) or possibly execute arbitrary code, because those
lookup values lead to incorrect length calculations and incorrect
memcpy operations.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-32743
Upstream-patch:
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f
(From OE-Core rev: 9558ec2091964556b47b0909c5d243aee5bafb6f)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
connman: Fix build with musl2024-01-07T12:24:57+00:00Khem Rajraj.khem@gmail.com2024-01-02T08:29:41+00:00urn:sha1:992d59564b84333740e6465ec696238274b73938
(From OE-Core rev: d0139bcbe0499e570f02f8f7b7e364763f7359ec)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
connman: update 1.41 -> 1.422023-09-07T13:36:30+00:00Alexander Kanavinalex.kanavin@gmail.com2023-09-06T16:56:19+00:00urn:sha1:dee8fc6a9757752ea58466a8ec5eaf25275928dc
Drop backports. 0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch
is partially dropped, as upstream hasn't included the newly added header
into the tarball (issue addressed after the release).
(From OE-Core rev: eeb686876dc560b5f0fab6f37a2def3d78bb55db)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>