package/connman: security bump version to 1.42 (d5162e79) · Commits · Infra Solutions / Reference Design / platsw / buildroot

Commit d5162e79 authored Aug 18, 2023 by Clement Ramirez Committed by Yann E. MORIN Aug 20, 2023

package/connman: security bump version to 1.42

The 1.42 version of connman comes with the following CVEs fixes :
 - CVE-2022-32292
 - CVE-2022-32293
 - CVE-2023-28488

The first two CVEs have been fixed wuth upstream patches [0] which we
carry since 2f2b4c80 (package/connman: fix CVE-2022-3229{2,3}), now
included in this version bump; the third CVE [2] is also fixed by this
version bump [3].

[0] https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d1a5ede5d255bde8ef707f8441b997563b9312bd
    https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=72343929836de80727a27d6744c869dff045757c
    https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=416bfaff988882c553c672e5bfc2d4f648d29e8a

[1] 2f2b4c80 package/connman: fix CVE-2022-3229{2,3}

[2] https://nvd.nist.gov/vuln/detail/CVE-2023-28488

[3] https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=99e2c16ea1cced34a5dc450d76287a1c3e762138



Signed-off-by: Clement Ramirez <ramirez.clement3@gmail.com>
[yann.morin.1998@free.fr:
  - squash CVE-2023-28488 backport with version bump
  - reword commit log
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

parent 9f1ca943

Hide whitespace changes

Inline Side-by-side

Please register or to comment