Register | Log in

connman

Intel Connection Manager daemon

Choose email to subscribe with

general

source: connman (main)
version: 1.44-1
maintainer: Vignesh Raman (DMD)
uploaders: Alf Gaida [DMD] [DM] – Alexander Sack [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.36-2.1~deb10u2
o-o-sec: 1.36-2.1~deb10u5
oldstable: 1.36-2.2+deb11u2
old-sec: 1.36-2.2+deb11u2
stable: 1.41-3
testing: 1.43-1
unstable: 1.44-1

versioned links

1.36-2.1~deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.36-2.1~deb10u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.36-2.2+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.41-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.43-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.44-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

connman (22 bugs: 0, 22, 0, 0)
connman-dev
connman-doc
connman-tests
connman-vpn

action needed

2 security issues in trixie high

There are 2 open security issues in trixie.

2 important issues:

CVE-2025-32366: In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
CVE-2025-32743: In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

Created: 2025-04-06 Last update: 2025-04-13 00:32

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2025-32366: In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
CVE-2025-32743: In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

Created: 2025-04-06 Last update: 2025-04-13 00:32

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2025-32366: In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
CVE-2025-32743: In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

Created: 2025-04-06 Last update: 2025-04-13 00:32

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2025-32366: In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
CVE-2025-32743: In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to incorrect length calculations and incorrect memcpy operations.

Created: 2025-04-06 Last update: 2025-04-13 00:32

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-09-16 Last update: 2025-04-13 05:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2024-09-16 Last update: 2024-09-16 20:33

testing migrations

excuses:
- Migration status for connman (1.43-1 to 1.44-1): Waiting for test results or another package, or too young (no action required now - check later)
- Issues preventing migration:
- ∙ ∙ Too young, only 4 of 10 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/c/connman.html
- ∙ ∙ Reproducible on amd64 - info ♻
- ∙ ∙ Reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ Reproducible on i386 - info ♻
- Not considered

news

[2025-04-12] Accepted connman 1.44-1 (source) into unstable (Dylan Aïssi)
[2024-09-21] connman 1.43-1 MIGRATED to testing (Debian testing watch)
[2024-09-16] Accepted connman 1.43-1 (source) into unstable (Dylan Aïssi)
[2024-06-06] connman 1.42-5 MIGRATED to testing (Debian testing watch)
[2024-06-05] connman REMOVED from testing (Debian testing watch)
[2024-01-11] connman 1.42-5 MIGRATED to testing (Debian testing watch)
[2024-01-05] Accepted connman 1.42-5 (source) into unstable (Dylan Aïssi)
[2023-12-21] Accepted connman 1.42-4 (source) into experimental (Dylan Aïssi)
[2023-12-09] connman 1.42-3 MIGRATED to testing (Debian testing watch)
[2023-12-04] Accepted connman 1.42-3 (source) into unstable (Dylan Aïssi)
[2023-12-03] Accepted connman 1.42-2 (source amd64 all) into experimental (Debian FTP Masters) (signed by: Dylan Aïssi)
[2023-11-20] connman 1.42-1 MIGRATED to testing (Debian testing watch)
[2023-11-14] Accepted connman 1.42-1 (source) into unstable (Vignesh Raman) (signed by: Dylan Aïssi)
[2023-06-08] Accepted connman 1.36-2.2+deb11u2 (source) into proposed-updates (Debian FTP Masters) (signed by: Aron Xu)
[2023-05-30] Accepted connman 1.36-2.2+deb11u2 (source) into stable-security (Debian FTP Masters) (signed by: Aron Xu)
[2023-04-21] Accepted connman 1.36-2.1~deb10u5 (source amd64 all) into oldstable (Chris Lamb)
[2023-04-19] connman 1.41-3 MIGRATED to testing (Debian testing watch)
[2023-04-14] Accepted connman 1.41-3 (source) into unstable (Vignesh Raman) (signed by: bage@debian.org)
[2022-10-10] Accepted connman 1.36-2.1~deb10u4 (source) into oldstable (Emilio Pozuelo Monfort)
[2022-09-21] Accepted connman 1.36-2.2+deb11u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-09-17] Accepted connman 1.36-2.2+deb11u1 (source) into stable-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2022-09-13] Accepted connman 1.36-2.1~deb10u3 (source) into oldstable (Chris Lamb)
[2022-08-24] connman 1.41-2 MIGRATED to testing (Debian testing watch)
[2022-08-19] Accepted connman 1.41-2 (source) into unstable (Vignesh Raman) (signed by: bage@debian.org)
[2022-04-17] connman 1.41-1 MIGRATED to testing (Debian testing watch)
[2022-04-11] Accepted connman 1.41-1 (source) into unstable (Vignesh Raman) (signed by: bage@debian.org)
[2022-03-03] connman 1.36-2.4 MIGRATED to testing (Debian testing watch)
[2022-02-26] Accepted connman 1.36-2.4 (source) into unstable (Ross Vandegrift) (signed by: bage@debian.org)
[2022-02-09] Accepted connman 1.33-3+deb9u3 (source) into oldoldstable (Emilio Pozuelo Monfort)
[2021-10-15] connman 1.36-2.3 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 26
RC: 0
I&N: 25
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (0, 4)
buildd: logs, checks, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.43-1
1 bug

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing