[ubuntu/jammy-updates] connman 1.36-2.3ubuntu0.1 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Jul 19 10:28:10 UTC 2023
connman (1.36-2.3ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/dnsproxy-Simplify-udp_server_event.patch:
Simplify udp_server_event()
- debian/patches/dnsproxy-Validate-input-data-before-using-them.patch:
Validate input data before using them.
- CVE-2022-23096
- CVE-2022-23097
* SECURITY UPDATE: Denial-of-service
- debian/patches/dnsproxy-Avoid-100-busy-loop-in-TCP-server-case.patch:
Avoid 100 % busy loop in TCP server case.
- debian/patches/dnsproxy-Keep-timeout-in-TCP-case-even-after-connect.patch:
Keep timeout in TCP case even after connection is established.
- CVE-2022-23098
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/gweb-Fix-OOB-write-in-received_data.patch: Fix OOB
write in received_data().
- CVE-2022-32292
* SECURITY UPDATE: Use-after-free
- debian/patches/wispr-Add-reference-counter-to-portal-context.patch:
Add reference counter to portal context.
- debian/patches/wispr-Update-portal-context-references.patch: Update
portal context references.
- CVE-2022-32293
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2023-28488.patch: Verify and sanitize packet
length first.
- CVE-2023-28488
Date: 2023-07-18 11:36:07.825122+00:00
Changed-By: Fabian Toepfer <fabian.toepfer at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/connman/1.36-2.3ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list