{"id":"MGASA-2018-0036","summary":"Updated connman packages fix security vulnerability","details":"Security consultants in NRI Secure Technologies discovered a stack\noverflow vulnerability in ConnMan. An attacker with control of the DNS\nresponses to the DNS proxy in ConnMan might crash the service and, in same\ncases, remotely execute arbitrary commands in the host running the service\n(CVE-2017-12865)\n","modified":"2026-01-30T19:43:44.512135Z","published":"2018-01-03T14:22:14Z","related":["CVE-2017-12865"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0036.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21629"},{"type":"REPORT","url":"https://www.debian.org/security/2017/dsa-3956"}],"affected":[{"package":{"name":"connman","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/connman?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.24-4.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0036.json"}},{"package":{"name":"connman","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/connman?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.33-6.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0036.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}