[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1078-1] connman security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : connman
Version        : 1.0-1.1+wheezy2
CVE ID         : CVE-2017-12865
Debian Bug     : 872844

In connman, stack-based buffer overflow in "dnsproxy.c" allows remote attackers
to cause a denial of service (crash) or execute arbitrary code via a crafted
response query string passed to the "name" variable. 

For Debian 7 "Wheezy", these problems have been fixed in version
1.0-1.1+wheezy2.

We recommend that you upgrade your connman packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlmnBZEACgkQ+COicpiD
yXzacA/+MBfyWJiQubQR5spcPFmjo7b/fui3uQLWIBqEfpDqIBVfgVBqYDLgEFt6
o6igBv9ZdEYlkLjuIf7J5lVCYRuOrGC2M5G6HnWqALXut1OiMqrJg3fgq89ABs1Q
wTNZWK1tx7Yu+ye66B5iStSUCTfD0li2OONG2u0HPS+/ax9uUetLfyXpAybIwOyR
s4yyKRvrMX7v4NW8VutZgkiGfaP8sqsKW4FDfiRt1Oe28x0z35RxqsbroibXRI2a
PcnftEggxJQHx1z8Ky+HFZJf99npse0n+hht+am6nDqTXAoVx3sqSvlBj7cXjXz2
0jFVjr5EE1tUNbjfa6oONNaghM4ZlpxokfeNNM3v5NaFjHfbPDs5LH5xWuzfaBoS
kkgqLaeKqFMQpzQShYlh2D/s6hP3LRnZeHxjaWFYuAVbkiT97OujIj0cssbA12a9
wzZhU+4aFcYWsG4mVJ5BDUjdsFCAVrXwBVid5E2IUma5/Gk9MnNzGhrWB6+R1fFw
OTEI0qJoYafWc3NpELF1DfDCqrIXXmpj73M+RwJvmq5hOVs+tjWZmk84v53eCJ5s
ATL/9MjG1NJBG+KL5o5fdO9VUCAkHLGAypCmOOu7Q9lhleBpiVlOuVCoTOcT3AO0
Gfk36XCnGq5GgKN1X0lEWwSzrN5eBhcpqXqrl6O37FOIeHmWhXQ=
=Bci5
-----END PGP SIGNATURE-----


Reply to: