FS#69583 : [connman] [Security] multiple issues (CVE-2021-26676 CVE-2021-26675)

FS#69583 - [connman] [Security] multiple issues (CVE-2021-26676 CVE-2021-26675)

Attached to Project: Community Packages
Opened by Jonas Witschel (diabonas) - Monday, 08 February 2021, 09:28 GMT
Last edited by Jonas Witschel (diabonas) - Monday, 08 February 2021, 10:00 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Christian Rebischke (Shibumi) Levente Polyak (anthraxx)
Architecture	All
Severity	Critical
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary
=======

The package connman is vulnerable to multiple issues including arbitrary code execution and information disclosure via CVE-2021-26676 and CVE-2021-26675.

Guidance
========

Applying the three commits referenced below fixes the issue.

References
==========

https://security.archlinux.org/AVG-1543
https://www.openwall.com/lists/oss-security/2021/02/08/2
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=58d397ba74873384aee449690a9070bacd5676fa
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a74524b3e3fad81b0fd1084ffdf9f2ea469cd9b1
https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=e4079a20f617a4b076af503f6e4e8b0304c9f2cb

This task depends upon

Closed by Jonas Witschel (diabonas)
Monday, 08 February 2021, 10:00 GMT
Reason for closing: Fixed
Additional comments about closing: connman 1.38-2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#69583 - [connman] [Security] multiple issues (CVE-2021-26676 CVE-2021-26675)

Details

Loading...