Bugzilla – Bug 1200189
VUL-0: CVE-2022-32292: connman: Heap overflow in gweb's received_data()
Last modified: 2022-08-04 07:33:33 UTC
Mitre has assigned CVE-2022-32292
The following codestreams will require a fix after the embargo has been lifted:
Fix posted upstream
This is an autogenerated message for OBS integration:
This bug (1200189) was mentioned in
https://build.opensuse.org/request/show/992043 Backports:SLE-15-SP3 / connman
https://build.opensuse.org/request/show/992048 Backports:SLE-15-SP4 / connman
openSUSE-SU-2022:10076-1: An update that fixes two vulnerabilities is now available.
Category: security (critical)
Bug References: 1200189,1200190
CVE References: CVE-2022-32292,CVE-2022-32293
openSUSE Backports SLE-15-SP4 (src): connman-1.41-bp126.96.36.199
also asked mitre to publish the CVE
Did you also submit to Factory?
Yes, Factory is also updated. I've used the same change log. I am
surprised the backports are linked to this bug report but not the
weird, verified bsc is mentioned in changes in Factory.