Security issues in connman have been announced today (January 25): https://www.openwall.com/lists/oss-security/2022/01/25/1 Fixes are available here: https://lore.kernel.org/connman/20220125090026.5108-3-wagi@monom.org/T/#m81ef1e357b6b2d3efd53f86d1cdcbfe9a37d8b3f and have been commited upstream: https://git.kernel.org/pub/scm/network/connman/connman.git Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Patches available from upstreamCC: (none) => nicolas.salguero
Various packagers commit this SRPM, so assigning globally (noting that NicolasS is CC'd).
Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated packages fix security vulnerabilities: TCP Receive Path does not Check for Presence of Sufficient Header Data. (CVE-2022-23096) Possibly invalid memory reference in `strnlen()` call in `forward_dns_reply()`. (CVE-2022-23097) TCP Receive Path Triggers 100 % CPU loop if DNS server does not Send Back Data. (CVE-2022-23098) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23096 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23097 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23098 https://www.openwall.com/lists/oss-security/2022/01/25/1 ======================== Updated packages in core/updates_testing: ======================== connman-devel-1.38-2.2.mga8 connman-1.38-2.2.mga8 from SRPM: connman-1.38-2.2.mga8.src.rpm
Version: Cauldron => 8Status: NEW => ASSIGNEDWhiteboard: MGA8TOO => (none)Status comment: Patches available from upstream => (none)Assignee: pkg-bugs => qa-bugsSource RPM: connman-1.40-1.mga9.src.rpm => connman-1.38-2.1.mga8.src.rpm
MGA8-64 Plasma on Lenovo B50 in Dutch No installation issues. Ref bug 28321 Comment 20, got exactly same results. Also installed econnman,the GUI, run it from CLI and got no connection working and even worse, it reports errors only to the CLI, and the GUI does onot work properly either (eg in manual mode, you can type in the wanted IP4 address, but the input disappears as you leave the address box). I sis not take Aurelien's advice to disable the net applet. That might explain the error's, but I'm hopeless to get this ever workiing properly.
CC: (none) => herman.viaene
MGA8-64 Plasma on AMD Phenom II X4 desktop with Atheros-based wifi. No installation issues here, either. I'm not familiar with this either. I sought some guidance from DuckDuckGo, and found https://wiki.archlinux.org/title/ConnMan with a brief tutorial on some of the commands. I attempted the same procedure that I tried in bug 28321 Comment 24, with pretty much the same results (after some stumbling with the commands) - and this time I was able to get connman to tell me I was connected to my wifi network. Also tried in a VirtualBox guest, to simulate a wired connection. This worked very well, none of the stumbling in establishing a wifi connection. I like our net_applet and/or Network Manager better, but this looks like it's working as designed. Giving it an OK, and Validating. Advisory in Comment 2.
CC: (none) => andrewsfarm, sysadmin-bugsWhiteboard: (none) => MGA8-64-OKKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0045.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED