| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 01-init-script-lsb-headers.patch | connman: Missing LSB header in init.d script | Petter Reinholdtsen <pere@hungry.com> | no | debian | ||
| manpage-fixes.patch | Some typos fixed in manpages | Alf Gaida <agaida@siduction.org> | no | 2018-02-17 | ||
| iwd-remove-device-state-property.patch | iwd: Remove device state property iwd has moved parts of the Device API into the Station API. Among those properties is the state of device. So far we haven't used this property at all, therefore we can just remove it. |
Daniel Wagner <wagi@monom.org> | no | 2018-09-29 | ||
| gdhcp-Avoid-reading-invalid-data-in-dhcp_get_option.patch | [PATCH 1/3] gdhcp: Avoid reading invalid data in dhcp_get_option CVE-2021-26676 |
Colin Wee <cwee@tesla.com> | no | 2021-01-28 | ||
| gdhcp-Avoid-leaking-stack-data-via-unitiialized-vari.patch | [PATCH 2/3] gdhcp: Avoid leaking stack data via unitiialized variable CVE-2021-26676 |
Colin Wee <cwee@tesla.com> | no | 2021-01-28 | ||
| dnsproxy-Add-length-checks-to-prevent-buffer-overflo.patch | [PATCH 3/3] dnsproxy: Add length checks to prevent buffer overflow CVE-2021-26675 |
Colin Wee <cwee@tesla.com> | no | 2021-01-28 | ||
| dnsproxy-Check-the-length-of-buffers-before-memcpy.patch | dnsproxy: Check the length of buffers before memcpy Fix using a stack-based buffer overflow attack by checking the length of the ptr and uptr buffers. Fix debug message output. |
Valery Kashcheev <v.kascheev@omp.ru> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c | 2021-06-07 |
| dnsproxy-Simplify-udp_server_event.patch | dnsproxy: Simplify udp_server_event() | Slava Monich <slava.monich@jolla.com> | no | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=de020cc7e8ad11f81c879f60f22348f8a7798d4c | 2018-08-23 | |
| dnsproxy-Validate-input-data-before-using-them.patch | dnsproxy: Validate input data before using them dnsproxy is not validating various input data. Add a bunch of checks. |
Daniel Wagner <wagi@monom.org> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=e5a313736e13c90d19085e953a26256a198e4950 | 2022-01-25 |
| dnsproxy-Avoid-100-busy-loop-in-TCP-server-case.patch | dnsproxy: Avoid 100 % busy loop in TCP server case Once the TCP socket is connected and until the remote server is responding (if ever) ConnMan executes a 100 % CPU loop, since the connected socket will always be writable (G_IO_OUT). To fix this, modify the watch after the connection is established to remove the G_IO_OUT from the callback conditions. |
Matthias Gerstner <mgerstner@suse.de> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=d8708b85c1e8fe25af7803e8a20cf20e7201d8a4 | 2022-01-25 |
| dnsproxy-Keep-timeout-in-TCP-case-even-after-connect.patch | dnsproxy: Keep timeout in TCP case even after connection is established If an outgoing TCP connection succeeds but the remote server never sends back any data then currently the TCP connection will never be terminated by connmand. To prevent this keep the connection timeout of 30 seconds active even after the connection has been established. |
Matthias Gerstner <mgerstner@suse.de> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=5c34313a196515c80fe78a2862ad78174b985be5 | 2022-01-25 |
| gweb-Fix-OOB-write-in-received_data.patch | gweb: Fix OOB write in received_data() There is a mismatch of handling binary vs. C-string data with memchr and strlen, resulting in pos, count, and bytes_read to become out of sync and result in a heap overflow. Instead, do not treat the buffer as an ASCII C-string. We calculate the count based on the return value of memchr, instead of strlen. |
Nathan Crandall <ncrandall@tesla.com> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=d1a5ede5d255bde8ef707f8441b997563b9312bd | 2022-07-12 |
| wispr-Add-reference-counter-to-portal-context.patch | wispr: Add reference counter to portal context Track the connman_wispr_portal_context live time via a refcounter. This only adds the infrastructure to do proper reference counting. [Salvatore Bonaccorso: Backport to 1.36: Drop changes around f0bd0e8fe578 ("service: Add online to ready transition feature") upstream in 1.40] |
Daniel Wagner <wagi@monom.org> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=72343929836de80727a27d6744c869dff045757c | 2022-07-05 |
| wispr-Update-portal-context-references.patch | wispr: Update portal context references Maintain proper portal context references to avoid UAF. [Salvatore Bonaccorso: Backport to 1.36: Drop changes around f0bd0e8fe578 ("service: Add online to ready transition feature") upstream in 1.40] |
Daniel Wagner <wagi@monom.org> | no | debian | https://git.kernel.org/pub/scm/network/connman/connman.git/commit?id=416bfaff988882c553c672e5bfc2d4f648d29e8a | 2022-07-05 |
| CVE-2023-28488.patch | gdhcp: Verify and sanitize packet length first Avoid overwriting the read packet length after the initial test. Thus move all the length checks which depends on the total length first and do not use the total lenght from the IP packet afterwards. Fixes CVE-2023-28488 Reported by Polina Smirnova <moe.hwr@gmail.com> |
Daniel Wagner <wagi@monom.org> | no | 2023-04-11 |