Changelog for
connman-1.42-lp154.3.1.x86_64.rpm :
* Thu Feb 08 2024 Dominique Leuenberger
- Change all hashbangs of test scripts from /usr/bin/python to /usr/bin/python3: the code is py3 ready (boo#1219309, commit 55965561).
* Mon Nov 13 2023 Daniel Wagner - Update to 1.42
* Fix issue with iwd and signal strength calculation.
* Fix issue with iwd and handling service removal.
* Fix issue with iwd and handling new connections.
* Fix issue with handling default online check URL.
* Fix issue with handling nameservers refresh.
* Fix issue with handling proxy from DHCP lease. (bsc#1210395 CVE-2023-28488)
* Fix issue with handling multiple proxies from PAC.
* Fix issue with handling manual time update changes.
* Fix issue with handling invalid gateway routes.
* Fix issue with handling hidden WiFi agent requests.
* Fix issue with handling WiFi SAE authentication failure.
* Fix issue with handling DNS Proxy and TCP server replies.
* Add support for regulatory domain following timezone.
* Add support for localtime configuration option.
* add 0001-scripts-add-missing-header-file.patch- remove patches
* remove 0001-wispr-Rename-wispr_portal_list-to-wispr_portal_hash.patch
* remove 0002-wispr-Ignore-NULL-proxy.patch
* remove 0003-wispr-Add-reference-counter-to-portal-context.patch
* remove 0004-wispr-Update-portal-context-references.patch
* remove 0005-gweb-Fix-OOB-write-in-received_data.patch
* Mon Aug 01 2022 Daniel Wagner - Add refcounting to wispr portal detection (bsc#1200190)
* add 0001-wispr-Rename-wispr_portal_list-to-wispr_portal_hash.patch
* add 0002-wispr-Ignore-NULL-proxy.patch
* add 0003-wispr-Add-reference-counter-to-portal-context.patch (CVE-2022-32293)
* add 0004-wispr-Update-portal-context-references.patch (CVE-2022-32293)- Fix OOB write in received_data (bsc#1200189)
* add 0005-gweb-Fix-OOB-write-in-received_data.patch (CVE-2022-32292)
* Thu Jul 14 2022 Daniel Wagner - Switch from iptables to nftables.
* Thu May 12 2022 Dominique Leuenberger - Explicitly BuildRequire openconnect: configure is looking for the binaries, not only the devel parts. The devel package though does not pull in the daemon (which is not used in most cases to develop).
* Tue Feb 01 2022 Daniel Wagner - Update to 1.41: (bsc#1194177, bsc#1194176, bsc#1194175)
* Fix issue with RTNL netlink message alignment.
* Fix issue with dnsproxy and timeout for TCP feature. (CVE-2022-23097, CVE-2022-23096)
* Fix issue with dnsproxy and busy loop in TCP server. (CVE-2022-23098)
* Fix issue with WiFi connection with no passphrase.
* Add support for wpa_supplicant and WPA3-SAE functionality.
* Add support for D-Bus ObjectManager interface.- Renamed downstream patches to separate them from upstream patches
* Rename 0001-connman-1.35-service.patch to 0100-connman-1.35-service.patch
* Rename harden_connman-vpn.service.patch to 0101-harden_connman-vpn.service.patch
* Rename harden_connman-wait-online.service.patch to 0102-harden_connman-wait-online.service.patch
* Fri Nov 26 2021 Danilo Spinella - connman-nmcompat manages D-Bus permissions for NetworkManager service. However, these rules are different than the ones NetworkManager setup. Allow the installation of only either of them. Fixes bsc#1192827
* Fri Oct 15 2021 Johannes Segitz - Drop ProtectClock hardening, can cause issues if other device acceess is needed
* Mon Aug 30 2021 Johannes Segitz - Added hardening to systemd service(s). Added patch(es):
* harden_connman-vpn.service.patch
* harden_connman-wait-online.service.patch
* Mon Aug 23 2021 Daniel Wagner - Update to 1.40:
* Fix issue with handling WiFi disconnecting status.
* Fix issue with handling WiFi auto-connect and iwd backend.
* Drop 0002-dnsproxy-Check-the-length-of-buffers-before-memcpy.patch
* Wed Jun 09 2021 Daniel Wagner - Address buffer overflow in dnsproxy (bsc#1186869):
* Rename connman-1.35-service.patch to 0001-connman-1.35-service.patch
* Add 0002-dnsproxy-Check-the-length-of-buffers-before-memcpy.patch (CVE-2021-33833)
* Fri Feb 12 2021 Paolo Stivanin - Update to 1.39 (bsc#1181751):
* Fix issue with scanning state synchronization and iwd.
* Fix issue with invalid key with 4-way handshake offloading.
* Fix issue with DNS proxy length checks to prevent buffer overflow. (CVE-2021-26675)
* Fix issue with DHCP leaking stack data via uninitialized variable. (CVE-2021-26676)
* Tue Feb 18 2020 Alexei Podvalsky - Update to 1.38:
* Fix issue with online check on IP address update.
* Fix issue with OpenVPN and encrypted private keys.
* Fix issue with finishing of VPN connections.
* Add support for updated stable iwd APIs.
* Add support for WireGuard networks.- Spec file cleanup
* Fri May 10 2019 Alexei Podvalsky - Update to 1.37:
* Fix issue with handling invalid gateway addresses.
* Fix issue with handling updates of default gateway.
* Fix issue with DHCP servers that require broadcast flag.
* Add support for option to use gateways as time servers.
* Add support for option to select default technology.
* Add support for Address Conflict Detection (ACD).
* Add support for IPv6 iptables management.- Change in 1.36:
* Fix issue with DNS short response on error handling.
* Fix issue with handling incoming DNS requests.
* Fix issue with handling empty timeserver list.
* Fix issue with incorrect DHCP byte order.
* Fix issue with AllowDomainnameUpdates handling.
* Fix issue with IPv4 link-local IP conflict error.
* Fix issue with handling WISPr over TLS connections.
* Fix issue with WiFi background scanning handling.
* Fix issue with WiFi disconnect+connect race condition.
* Fix issue with WiFi scanning and tethering operation.
* Fix issue with WiFi security change handling.
* Fix issue with missing signal for WPS changes.
* Fix issue with online check retry handling.
* Add support for systemd-resolved backend.
* Add support for mDNS configuration setup.- Drop connman-1.35-include.patch- Drop connman-1.35-resolvconf.patch
* Tue Feb 13 2018 avvissuAATTyandex.by- Fix build errors due to unsupported header include order with newer kernels >=4.15 (connman-1.35-include.patch).
* Tue Dec 26 2017 avvissuAATTyandex.by- Add symlink to network.service (connman-1.35-service.patch)
* Thu Oct 26 2017 avvissuAATTyandex.by- Change the mode of download_files (sr#521762)- Remove connman-rpmlintrc (bnc#1057697)- Add client as a recommended dependency
* Fri Oct 20 2017 avvissuAATTyandex.by- Remove unrecognized options: disable-gtk-doc, enable-threads, disable-iwmx, enable-session-policy
* Thu Oct 19 2017 avvissuAATTyandex.by- Add configuration file (/etc/connman/main.conf)- Add ghost lines: main.conf connman connman-vpn
* Tue Oct 03 2017 avvissuAATTyandex.by- Add connman-1.35-resolvconf.patch- Activate connman.service if the network services disabled- Add info in /var/adm/update-messages
* Fri Sep 08 2017 avvissuAATTyandex.by- Remove obsolete macros- Add polkit-agent-1 dependency- Use the %tmpfiles_create macro- Removal of ldconfig scriptlets from all packages- Add connman-wait-online.service in post{un}- Spec file cleanup
* Tue Aug 22 2017 sleep_walkerAATTopensuse.org- bump to 1.35 besides other things contains fix for CVE-2017-12865
* Tue Oct 13 2015 sleep_walkerAATTopensuse.org- bumpt to 1.30 Fix issue with pending DNS request during server change. Fix issue with empty strings in nameservers configuration. Fix issue with time servers during IP configuration change. Fix issue with 4-way handshake during roaming. Fix issue with open WiFi networks security. Fix issue with support for WiFi AnonymousIdentity. Fix issue with memory leak and DHCPv6 DUID handling. Fix issue with DHCP client and P2P interaction. Fix issue with handling provision file updates. Fix issue with VPN state updates. Disable 6to4 support by default.- add keyring file- clean with spec-cleaner- fix builds for all possible distributions and architectures
* Fri Aug 07 2015 sleep_walkerAATTopensuse.org- bump to 1.29 Fix issue with IPv6 autoconfiguration when disabled. Fix issue with IPv6 temporary route handling. Fix issue with IPv6 timers for nameservers. Fix issue with DHPCv6 and route configuration. Fix issue with DHCPv6 source port and buggy servers. Fix issue with DHCPv6 rapid commit option length. Fix issue with DHCPv6 rapid commit error handling. Fix issue with handling invalid WiFi passphrases. Fix issue with connecting Ethernet devices. Add support for Ethernet and VLAN usage.
* Fri Feb 06 2015 sleep_walkerAATTsuse.cz- bump to 1.28 ver 1.28: Fix issue with DHCPv6 re-transmission timer. Fix issue with DHCP service ID option byte order. Fix issue with IPv6 connections and SLAAC/DHCPv6. Fix issue with telephony and IPv6 autoconfiguration. Fix issue with Bluetooth technology setting changes. Fix issue with WiFi autoscan interval calculation. Fix issue with WiFi and missing BSS signal strength. Add support for IPv4 information for WiFi Display. ver 1.27: Fix issue with memory leak in IP configuration. Fix issue with providing random numbers for DHCP. Fix issue with handling IN_MOVED_TO inotify events. Fix issue with channel selection for WiFi scanning. Add support for handling Bluetooth GN and PANU roles. ver 1.26: Fix issue with missing WiFi security provisioning support. Fix issue with immutable setting and provisioned services. Fix issue with scheduling DNS cache cleanup procedure. Fix issue with IPv6 Privacy setting on service removal. Fix issue with DHCPv6 CONFIRM message sending procedure. Fix issue with DHCPv6 lease expiration handling support. Fix issue with DHCPv4 networks and broadcast flag handling. Fix issue with DHCPv4 networks without gateway configuration. Fix issue with P2P Peer authorization handling. Fix issue with P2P Peer service registration. Add support for WiFi Display information elements. Add support for systemd-hostnamed integration. ver 1.25: Fix issue with handling rebind timer for DHCPv6. Fix issue with handling DHCP renew transaction. Fix issue with user supplied proxy settings and DHCP. Fix issue with extra status codes from captive portals. Fix issue with service idle state reset on failure. Fix issue with DNS label compression handling. Add support for experimental P2P Peer service. ver 1.24: Fix issue with handling slave interfaces. Fix issue with handling DHCPv4 broadcast flag. Fix issue with handling DHCPv4 lease expiration. Fix issue with handling WiFi auto-scanning timeout. Fix issue with handling domain and DNS server changes. Fix issue with double free and agent messages. ver 1.23: Fix issue with memory leak in technology handling. Fix issue with not removing host route of OpenVPN. Fix issue with double free in DHCP cleanup handling. Fix issue with handling DHCP method from oFono. Fix issue with IPv6-PD when disabling tethering. Fix issue with DNS proxy when disabling tethering. Fix issue with Bluetooth start and stop interaction. Fix issue with Bluetooth PAN networks on adapter change. ver 1.22: Fix issue with WPS state synchronization. Fix issue with DNS servers and default service. Fix issue with DHCP client and rebooting state. Add support for NTP exponential backoff handling. Add support for NTP kiss-of-death packet handling. Add support for Ethernet gadget networking.