{"affected":[{"ecosystem_specific":{"binaries":[{"connman":"1.39-lp152.3.3.1","connman-client":"1.39-lp152.3.3.1","connman-devel":"1.39-lp152.3.3.1","connman-doc":"1.39-lp152.3.3.1","connman-nmcompat":"1.39-lp152.3.3.1","connman-plugin-hh2serial-gps":"1.39-lp152.3.3.1","connman-plugin-iospm":"1.39-lp152.3.3.1","connman-plugin-l2tp":"1.39-lp152.3.3.1","connman-plugin-openconnect":"1.39-lp152.3.3.1","connman-plugin-openvpn":"1.39-lp152.3.3.1","connman-plugin-polkit":"1.39-lp152.3.3.1","connman-plugin-pptp":"1.39-lp152.3.3.1","connman-plugin-tist":"1.39-lp152.3.3.1","connman-plugin-vpnc":"1.39-lp152.3.3.1","connman-plugin-wireguard":"1.39-lp152.3.3.1","connman-test":"1.39-lp152.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"connman","purl":"pkg:rpm/opensuse/connman&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.39-lp152.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for connman fixes the following issues:\n\nUpdate to 1.39 (boo#1181751):\n\n* Fix issue with scanning state synchronization and iwd.\n* Fix issue with invalid key with 4-way handshake offloading.\n* Fix issue with DNS proxy length checks to prevent buffer overflow. (CVE-2021-26675)\n* Fix issue with DHCP leaking stack data via uninitialized variable. (CVE-2021-26676)\n\nUpdate to 1.38:\n\n* Fix issue with online check on IP address update.\n* Fix issue with OpenVPN and encrypted private keys.\n* Fix issue with finishing of VPN connections.\n* Add support for updated stable iwd APIs.\n* Add support for WireGuard networks.\n\nUpdate to 1.37:\n\n* Fix issue with handling invalid gateway addresses.\n* Fix issue with handling updates of default gateway.\n* Fix issue with DHCP servers that require broadcast flag.\n* Add support for option to use gateways as time servers.\n* Add support for option to select default technology.\n* Add support for Address Conflict Detection (ACD).\n* Add support for IPv6 iptables management.\n\nChange in 1.36:\n\n* Fix issue with DNS short response on error handling.\n* Fix issue with handling incoming DNS requests.\n* Fix issue with handling empty timeserver list.\n* Fix issue with incorrect DHCP byte order.\n* Fix issue with AllowDomainnameUpdates handling.\n* Fix issue with IPv4 link-local IP conflict error.\n* Fix issue with handling WISPr over TLS connections.\n* Fix issue with WiFi background scanning handling.\n* Fix issue with WiFi disconnect+connect race condition.\n* Fix issue with WiFi scanning and tethering operation.\n* Fix issue with WiFi security change handling.\n* Fix issue with missing signal for WPS changes.\n* Fix issue with online check retry handling.\n* Add support for systemd-resolved backend.\n* Add support for mDNS configuration setup.\n\n","id":"openSUSE-SU-2021:0416-1","modified":"2021-03-16T17:06:21Z","published":"2021-03-16T17:06:21Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OTS3LYTIBT7XMBIAK6RCJOKOTPNIEQSF/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181751"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-26675"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-26676"}],"related":["CVE-2021-26675","CVE-2021-26676"],"summary":"Security update for connman","upstream":["CVE-2021-26675","CVE-2021-26676"]}