oss-security - ConnMan #ConnManDo Vulnerability

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Date: Wed, 30 Aug 2017 00:54:23 +0900
From: "Daisuke Noguchi[NRIセキュア　野口]" <noguchi@...-secure.co.jp>
To: <oss-security@...ts.openwall.com>
CC: noguchi@...-secure.co.jp
Subject: ConnMan #ConnManDo Vulnerability

Hi ALL

We have published the web page which describes about detail of CVE-2017-12865, ConnMan vulnerability.
http://connmando.nri-secure.co.jp/index.html

This patch has been merged to master branch of debian and yocto Linux distribution.
And now we are trying to communicate with other Linux distribution security teams.
- [debian][DSA 3956-1] connman security update
  https://www.debian.org/security/2017/dsa-3956
- [yocto]connman: Fix for CVE-2017-12865
  http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=9086b525dd00f482ea68a384540cd30778413c9e

If it would be worth posting, could you please deal with it.

Best regards,

------------------------------------------------------------
Daisuke Noguchi
Seinor Security Consultant
NRI Secure Technologies, Ltd. Cyber Security Technical Development Department
Tokyo Office   TEL +81-3-6831-8514 Fax +81-3-6706-0599



----------------------------------------------------------------
このメールは、本来の宛先の方のみに限定された機密情報が含まれてい
る場合がございます。お心あたりのない場合は、送信者にご連絡のうえ、
このメールを削除いただきますようお願い申し上げます。

PLEASE READ :This e-mail is confidential and intended for the
named recipient only. If you are not an intended recipient,
please notify the sender and delete this e-mail.
----------------------------------------------------------------

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.