Your message dated Fri, 25 May 2012 18:47:09 +0000
with message-id <e1sxzxz-0001nt...@franck.debian.org>
and subject line Bug#672989: fixed in connman 1.0-1
has caused the Debian Bug report #672989,
regarding Multiple security issues
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
672989: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672989
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: connman
Severity: grave
Tags: security
CVE-2012-2320: Conman doesn't check for the origin of netlink messages (from
https://bugzilla.novell.com/show_bug.cgi?id=715172#c4)
http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=c1b968984212b46bea1330f5ae029507b9bfded9
http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=b0ec6eb4466acc57a9ea8be52c17b674b6ea0618
CVE-2012-2321: Check hostname validity prior setting the hostname in loopback
plug-in: (from
https://bugzilla.novell.com/show_bug.cgi?id=715172#c4)
http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=26ace5c59f790bce0f1988b88874c6f2c480fd5a
http://git.kernel.org/?p=network/connman/connman.git;a=commit;h=a5f540db7354b76bcabd0a05d8eb8ba2bff4e911
CVE-2012-2322: DHCPv6 option parsing vulnerable to DoS (endless loop): (from
https://bugzilla.novell.com/show_bug.cgi?id=715172#c9)
http://lists.connman.net/pipermail/connman/2012-May/009473.html
Since this package is effectively unmaintained (no upload later than 2010 and
waaaay behind
upstream I suggest to simply remove it for Wheezy?)
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: connman
Source-Version: 1.0-1
We believe that the bug you reported is fixed in the latest version of
connman, which is due to be installed in the Debian FTP archive:
connman-dev_1.0-1_amd64.deb
to main/c/connman/connman-dev_1.0-1_amd64.deb
connman-doc_1.0-1_all.deb
to main/c/connman/connman-doc_1.0-1_all.deb
connman_1.0-1.debian.tar.gz
to main/c/connman/connman_1.0-1.debian.tar.gz
connman_1.0-1.dsc
to main/c/connman/connman_1.0-1.dsc
connman_1.0-1_amd64.deb
to main/c/connman/connman_1.0-1_amd64.deb
connman_1.0.orig.tar.xz
to main/c/connman/connman_1.0.orig.tar.xz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 672...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Trudel-Lapierre <mathieu...@ubuntu.com> (supplier of updated connman
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 24 May 2012 22:09:35 -0400
Source: connman
Binary: connman connman-dev connman-doc
Architecture: source amd64 all
Version: 1.0-1
Distribution: unstable
Urgency: high
Maintainer: Alexander Sack <a...@debian.org>
Changed-By: Mathieu Trudel-Lapierre <mathieu...@ubuntu.com>
Description:
connman - Intel Connection Manager daemon
connman-dev - Development files for connman
connman-doc - ConnMan documentation
Closes: 583925 583928 672989
Changes:
connman (1.0-1) unstable; urgency=high
.
[ Andrew Brouwers ]
* New upstream release (closes: #583925, #672989)
* Add debian/watch (closes: #583928)
* Update to compat 8 + standards version 3.9.3
- Remove debian/tmp from install files
* debian/control:
- Remove obsolete deps (cdbs, quilt, dpkg-dev, ppp-dev, dhcp3-client)
(use source format 3.0, too)
- Add missing deps: iptables-dev, gnutls-dev
- Add recommends for wpa_supplicant (wifi) + bluez (bluetooth)
- Add a connman-doc package
* debian/rules:
- Convert from cdbs -> dh; most of the details outling patches and source
mangling should be obsolete with regular stable tarball releases;
simplify the rules file accordingly
- Add support for openvpn + openconnect to configure
- Specify systemd unit-file location to provide upstream systemd unit
* Remove NM compatibility mode from default init-script options (no longer
available upstream); remove connman.default accordingly
* Use dh_installinit for initscript install, and eliminate post/pre-install
files used to manage the init script; thanks to Patrik Flykt for the
suggestion!
* Update debian/copyright for DEP5 + GPL-2 simplification
* Punt debian/README.source - docs/*.txt should be covered by copyright
now - update note accordingly
.
[ Mathieu Trudel-Lapierre ]
* debian/control:
- Set VCS-* fields to new location.
- Add a Conflicts: network-manager, wicd to the connman binary package,
since they all try to manage the same network devices.
- Fix my name in uploaders for proper signing.
- Add a Depends for dbus, lsb-base to connman.
* debian/copyright: updated and fixed to adhere to DEP-5 format.
* debian/rules:
- override dh_auto_install to fail on files that aren't installed; also
clean up on .la files.
- clean up on the debian/connman.init file we copy in installinit.
- use --restart-on-upgrade for dh_installinit
* debian/patches/01-init-script-lsb-headers.patch: more fixes to the init
script:
- set LSB Default-Stop, add NAME, drop 'set -e'.
- add support for a "status" command.
* debian/control, debian/compat: bump to compat level 9, to get the hardening
flags at build time.
* debian/connman.install, debian/connman-dev.install: make the paths
multiarch
aware (since that comes along with compat 9).
* debian/connman.postinst, debian/rules: disable the connman init script on
install if NetworkManager or wicd are installed. See README.Debian.
Checksums-Sha1:
995f8bdfc6871b3332cfeffaa4285db7d490dc9a 2121 connman_1.0-1.dsc
65a7bc11635f788313a66bd2be499fbbfb0d55b9 514832 connman_1.0.orig.tar.xz
4604bb0b98fb59b22b200ad7bc1f267e73436a8e 7968 connman_1.0-1.debian.tar.gz
66ae89b45c79633c543e33c7d9f957700760e68b 295482 connman_1.0-1_amd64.deb
c2e92894e1edc682c7ed8651c4a4b731347ffa3a 20068 connman-dev_1.0-1_amd64.deb
1f3d6751fc1c0a13fa8a179484c3da06444e499a 40364 connman-doc_1.0-1_all.deb
Checksums-Sha256:
efa778b82751fc629109a7acfd8ff7516d2e93a6db3950465444d4f8e06160ff 2121
connman_1.0-1.dsc
627896a506f66629d288934ba7ffb16f539d74f86723c70206cfe9f4c4bcad91 514832
connman_1.0.orig.tar.xz
db3d6f489655f015b10bd5f8959bb35b1a36848b2c8c72a79d5ff9b559111869 7968
connman_1.0-1.debian.tar.gz
ce8eeada51f45408de1b23180e41ec529bcd606b65ac21233f17027b13c713b8 295482
connman_1.0-1_amd64.deb
c0216dfc18a0ff1489122809e4ee531593b3d6a253a203d29021485e1f653d12 20068
connman-dev_1.0-1_amd64.deb
3e6d3a25ab9c56b47fd603bb8437ea725d55ec53b851addf9ff44dea8afe68c1 40364
connman-doc_1.0-1_all.deb
Files:
fb5604e4028a5a7110791d1ecf09d0b9 2121 net optional connman_1.0-1.dsc
0424267d2c1db6fbcaa729bf23967cc4 514832 net optional connman_1.0.orig.tar.xz
12423afe6fd10742910e6d39dc8bd655 7968 net optional connman_1.0-1.debian.tar.gz
032e10c161282ef15cee4d2a4a479b29 295482 net optional connman_1.0-1_amd64.deb
866f1c9414a423553db4e438097a815d 20068 devel optional
connman-dev_1.0-1_amd64.deb
af5fee195b6918e792d68710d129e83c 40364 doc optional connman-doc_1.0-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJPvvDtAAoJEGrh3w1gjyLcbMQP/2EAdu0eeLUMhxv+OC6COw5+
NwoAgc3HmUlMIaFyE/k3W3lXFOp3p74eXdrofxHwCv5W7r1Q3kNqMIyTfsyJwvCa
3GanC+hy1XDMKFsrPtzTleKu89m9fBXRQAhmFyEZIpQxHuxK05AteSiHL2VlFH28
D9+Gc0MEXg7I53Dj9UlW8J8k5MePcOGFm+K5hLpcNAHIUpaSsTUBG6ezmtDS1MeV
g6Z+uth2uPh380VNRrrpWJlIXoUmBCOsVDbTFPVUDWWU68LSgXp7AojLsndX+cZd
yXQ6ArqVdQuaifg3wBwncz7xvRcxim0T+wzBmFoyPc6N4xSaJAX6vmxPtB/6a9ao
9v+U3t7O2CRKgmtilv/tFVA2NugDMnebRIdRuhMy3OdEgZc7QzsA1jELPuRUuBe3
I4svT22okXViZMCblDh2yJRYf/AeYdIT/POd1oNoAkh5/W7m8EHB/4Ar7Qplip34
VuYqV7QIzqUTAe6EPkz47ei2QpSakd6X7qnw4vW2jZhfuHeRZK1oaLcGP5RyUUZ1
5Qh22SWZqtNZ4CS7AK5AHvDnW834SVnUWzBXv+eIkq/IqbiSACCt4NhlU0nuz3qh
25Mpvq0VdbBmYNytP7NoTs3O3JPwQGxuhbIi0Mu7jM4gxaMBe4dj1TQKgc3kRt8Y
yzyQVqNcczY6iif3CWim
=78F5
-----END PGP SIGNATURE-----
--- End Message ---
