openSUSE-SU-2023:0370-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2023:0370-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/openSUSE-SU-2023:0370-1
Related
Published
2023-11-14T15:14:29Z
Modified
2023-11-14T15:14:29Z
Summary
Security update for connman
Details

This update for connman fixes the following issues:

  • Update to 1.42

    • Fix issue with iwd and signal strength calculation.
    • Fix issue with iwd and handling service removal.
    • Fix issue with iwd and handling new connections.
    • Fix issue with handling default online check URL.
    • Fix issue with handling nameservers refresh.
    • Fix issue with handling proxy from DHCP lease. (boo#1210395 CVE-2023-28488)
    • Fix issue with handling multiple proxies from PAC.
    • Fix issue with handling manual time update changes.
    • Fix issue with handling invalid gateway routes.
    • Fix issue with handling hidden WiFi agent requests.
    • Fix issue with handling WiFi SAE authentication failure.
    • Fix issue with handling DNS Proxy and TCP server replies.
    • Add support for regulatory domain following timezone.
    • Add support for localtime configuration option.
References

Affected packages

SUSE:Package Hub 15 SP4 / connman

Package

Name
connman
Purl
pkg:rpm/suse/connman&distro=SUSE%20Package%20Hub%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.42-bp154.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "connman-doc": "1.42-bp154.2.6.1",
            "connman-client": "1.42-bp154.2.6.1",
            "connman-plugin-openvpn": "1.42-bp154.2.6.1",
            "connman-plugin-polkit": "1.42-bp154.2.6.1",
            "connman-plugin-vpnc": "1.42-bp154.2.6.1",
            "connman-devel": "1.42-bp154.2.6.1",
            "connman-plugin-l2tp": "1.42-bp154.2.6.1",
            "connman-nmcompat": "1.42-bp154.2.6.1",
            "connman-plugin-hh2serial-gps": "1.42-bp154.2.6.1",
            "connman": "1.42-bp154.2.6.1",
            "connman-plugin-wireguard": "1.42-bp154.2.6.1",
            "connman-plugin-iospm": "1.42-bp154.2.6.1",
            "connman-plugin-tist": "1.42-bp154.2.6.1",
            "connman-plugin-pptp": "1.42-bp154.2.6.1",
            "connman-test": "1.42-bp154.2.6.1"
        }
    ]
}

openSUSE:Leap 15.4 / connman

Package

Name
connman
Purl
pkg:rpm/opensuse/connman&distro=openSUSE%20Leap%2015.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.42-bp154.2.6.1

Ecosystem specific 

{
    "binaries": [
        {
            "connman-doc": "1.42-bp154.2.6.1",
            "connman-client": "1.42-bp154.2.6.1",
            "connman-plugin-openvpn": "1.42-bp154.2.6.1",
            "connman-plugin-polkit": "1.42-bp154.2.6.1",
            "connman-plugin-vpnc": "1.42-bp154.2.6.1",
            "connman-devel": "1.42-bp154.2.6.1",
            "connman-plugin-l2tp": "1.42-bp154.2.6.1",
            "connman-nmcompat": "1.42-bp154.2.6.1",
            "connman-plugin-hh2serial-gps": "1.42-bp154.2.6.1",
            "connman": "1.42-bp154.2.6.1",
            "connman-plugin-wireguard": "1.42-bp154.2.6.1",
            "connman-plugin-iospm": "1.42-bp154.2.6.1",
            "connman-plugin-tist": "1.42-bp154.2.6.1",
            "connman-plugin-pptp": "1.42-bp154.2.6.1",
            "connman-test": "1.42-bp154.2.6.1"
        }
    ]
}