lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 29 Aug 2017 20:36:37 +0900
From: "Daisuke Noguchi[NRIセキュア 野口]" <noguchi@...-secure.co.jp>
To: <fulldisclosure@...lists.org>
Subject: [FD] ConnMan #ConnManDo Vulnerability

Hi list,

We have published the web page which describes about detail of CVE-2017-12865,ConnMan vulnerability.
http://connmando.nri-secure.co.jp/index.html

This patch has been merged to master branch of debian and yocto Linux distribution.
And now we are trying to communicate with other Linux distribution security teams.
- [debian][DSA 3956-1] connman security update
  https://www.debian.org/security/2017/dsa-3956
- [yocto]connman: Fix for CVE-2017-12865
  http://git.yoctoproject.org/cgit/cgit.cgi/poky/commit/?id=9086b525dd00f482ea68a384540cd30778413c9e

If it would be worth applying patch, could you please deal with it.


----------------------------------------------------------------
このメールは、本来の宛先の方のみに限定された機密情報が含まれてい
る場合がございます。お心あたりのない場合は、送信者にご連絡のうえ、
このメールを削除いただきますようお願い申し上げます。

PLEASE READ :This e-mail is confidential and intended for the
named recipient only. If you are not an intended recipient,
please notify the sender and delete this e-mail.
----------------------------------------------------------------

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists