CVE-2017-5716 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5716): Buffer overflow in ConnMan Project connection manager daemon version 1.34 and earlier allows a remote attacker to conduct a denial of service and remote code execution via malformed DNS packets. References: https://01.org/security/intel-oss-10001/intel-oss-10001
*** Bug 630036 has been marked as a duplicate of this bug. ***
Version 1.35 is now in the tree: commit 6e6adfa40771badfb21c1ff3f71aaf464b754f34 Author: Yixun Lan <dlan@gentoo.org> Date: Tue Sep 5 10:36:29 2017 +0800 net-misc/connman: version bump 1.35 Package-Manager: Portage-2.3.6, Repoman-2.3.3 @ Maintianer(s): Please state when this package is ready for stabilization, thanks.
@arches, please stabilize.
An automated check of this bug failed - repoman reported dependency errors (47 lines truncated): > dependency.bad net-misc/connman/connman-1.35-r1.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['>=net-libs/libnftnl-1.0.4:0='] > dependency.bad net-misc/connman/connman-1.35-r1.ebuild: RDEPEND: ppc(default/linux/powerpc/ppc32/13.0) ['>=net-libs/libnftnl-1.0.4:0='] > dependency.bad net-misc/connman/connman-1.35-r1.ebuild: DEPEND: ppc(default/linux/powerpc/ppc32/13.0/desktop) ['>=net-libs/libnftnl-1.0.4:0=']
x86 stable
amd64 stable
arm stable
ppc/ppc64 stable. all arches stable
This issue was resolved and addressed in GLSA 201812-02 at https://security.gentoo.org/glsa/201812-02 by GLSA coordinator Aaron Bauman (b-man).
re-opened for cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9aa569612a830d4a33815b47501f3d11b70cc701 commit 9aa569612a830d4a33815b47501f3d11b70cc701 Author: Ben Kohler <bkohler@gentoo.org> AuthorDate: 2018-12-03 22:29:14 +0000 Commit: Ben Kohler <bkohler@gentoo.org> CommitDate: 2018-12-03 22:29:33 +0000 net-misc/connman: drop old Bug: https://bugs.gentoo.org/630028 Package-Manager: Portage-2.3.52, Repoman-2.3.12 Signed-off-by: Ben Kohler <bkohler@gentoo.org> net-misc/connman/Manifest | 3 -- net-misc/connman/connman-1.29.ebuild | 70 ------------------------- net-misc/connman/connman-1.33-r1.ebuild | 83 ------------------------------ net-misc/connman/connman-1.34.ebuild | 90 --------------------------------- 4 files changed, 246 deletions(-)
(In reply to Larry the Git Cow from comment #12) > The bug has been referenced in the following commit(s): > > https://gitweb.gentoo.org/repo/gentoo.git/commit/ > ?id=9aa569612a830d4a33815b47501f3d11b70cc701 > > commit 9aa569612a830d4a33815b47501f3d11b70cc701 > Author: Ben Kohler <bkohler@gentoo.org> > AuthorDate: 2018-12-03 22:29:14 +0000 > Commit: Ben Kohler <bkohler@gentoo.org> > CommitDate: 2018-12-03 22:29:33 +0000 > > net-misc/connman: drop old > > Bug: https://bugs.gentoo.org/630028 > Package-Manager: Portage-2.3.52, Repoman-2.3.12 > Signed-off-by: Ben Kohler <bkohler@gentoo.org> > > net-misc/connman/Manifest | 3 -- > net-misc/connman/connman-1.29.ebuild | 70 ------------------------- > net-misc/connman/connman-1.33-r1.ebuild | 83 ------------------------------ > net-misc/connman/connman-1.34.ebuild | 90 > --------------------------------- > 4 files changed, 246 deletions(-) Thanks, Ben!