Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20114 http://linux.oracle.com/errata/ELSA-2025-20114.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: NetworkManager-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-adsl-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-bluetooth-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-config-connectivity-oracle-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-config-server-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-initscripts-updown-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-libnm-1.48.10-5.0.3.el9_5.i686.rpm NetworkManager-libnm-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-team-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-tui-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-wifi-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-wwan-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-cloud-setup-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-dispatcher-routing-rules-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-ovs-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-ppp-1.48.10-5.0.3.el9_5.x86_64.rpm NetworkManager-libnm-devel-1.48.10-5.0.3.el9_5.i686.rpm NetworkManager-libnm-devel-1.48.10-5.0.3.el9_5.x86_64.rpm aarch64: NetworkManager-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-adsl-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-bluetooth-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-config-connectivity-oracle-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-config-server-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-initscripts-updown-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-libnm-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-team-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-tui-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-wifi-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-wwan-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-cloud-setup-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-dispatcher-routing-rules-1.48.10-5.0.3.el9_5.noarch.rpm NetworkManager-ovs-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-ppp-1.48.10-5.0.3.el9_5.aarch64.rpm NetworkManager-libnm-devel-1.48.10-5.0.3.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//NetworkManager-1.48.10-5.0.3.el9_5.src.rpm Description ofchanges: [1.48.10-5.0.3] - Drop 777 permissions from the NetworkManager-dispatcher drop-in directory [Orabug: 37581907] [1.48.10-5.0.2] - Add a dropin file to make Networkmanager-dispatcher persistent [Orabug: 36989910] _______________________________________________ El-errata mailing list
A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of . MGASA-2024-0356 - Updated networkmanager-libreswan packages fix security vulnerability Publication date: 12 Nov 2024 URL: https://advisories.mageia.org/MGASA-2024-0356.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-9050 A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the "leftupdown" key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration. (CVE-2024-9050) References: - https://bugs.mageia.org/show_bug.cgi?id=33709 - https://www.openwall.com/lists/oss-security/2024/10/25/1 - https://www.cve.org/CVERecord?id=CVE-2024-9050 SRPMS: - 9/core/networkmanager-libreswan-1.2.24-1.mga9 . Mageia's MGASA-2024-0357 enhances kernel-package to rectify a significant vulnerability, bolstering system integrity.. libreswan plugin, networkmanager security, mageia advisory, VPN configuration, privilege escalation. . Severity: Critical. LinuxSecurity.com Team
An update for NetworkManager is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: NetworkManager security, bug fix, and enhancement update Advisory ID: RHSA-2021:4361-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4361 Issue date: 2021-11-09 CVE Names: CVE-2020-13529 ==================================================================== 1. Summary: An update for NetworkManager is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux CRB (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a later upstream version: NetworkManager (1.32.10). (BZ#1934465) Security Fix(es): * systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured (CVE-2020-13529) For more details about thesecurity issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1791212 - [Azure][RHEL8][RFE] add a secondary ip to the primary/first interface of a redhat instance automatically when the change is applied on the infrastructure side 1820770 - Keepalived assignment of a deprecated IPv6 Virtual IP triggers "set hostname" 1825666 - ipv6 nfs mount point does not mount automatically at boot, remote-fs-pre.target starts too early and conflicts with network start up 1832112 - Document the type of each LLDP attribute of libnm 1832273 - LLDP: add lldp status device property 1847125 - [RFE] Improve 20% performance on creating 1000 bridge over 1000 VLANs 1847894 - Describe qdiscs and tfilters in nm-settings manpage 1852317 - [RFE] Ability to report DNS_SEARCH field via nmcli 1890234 - NetworkManager behavior for bonds + mtu changes from 8.1 to 8.2 1899372 - [RFE] Support pause parameters of ethtool [rhel-8] 1907960 - Cannot create VLAN interface with name `vlan0` 1912236 - [Azure][RHEL-8.5] nm-cloud-setup.service makes network connectivity loss 1912423 - [NMCI] [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 6 1915276 - crash when deleting veth device profile 1915278 - null error when deleting veth device 1928078 - Provide a way to ignore existing TC qdiscs and filters1933719 - [abrt] [faf] NetworkManager: _g_log_abort(): /usr/sbin/NetworkManager killed by 5 1934122 - nmcli shows 2 connections when using an ip argument in the kernel cmdline 1934291 - wpa_supplicant.service stops with systemctl isolate mulit-user.target runlevelchange 1934465 - Rebase NetworkManager to latest upstream release in RHEL 8.5 1935842 - [RFE] Add bridge_role in 802-3-ethernet.s390-options using nmcli 1936610 - setting MTU on VLAN subinterface of bonded interface is ignored 1940435 - When adding host to RHV-M with LACP bond, '"ad_actor_system=00:00:00:00:00:00' is seen in messages again [rhel-8.5] 1940504 - Support for ip= boot argument with static IP and no interface specified [rhel-8.5.0] 1940934 - RFE: need kernel command line options to configure NICs with autoneg=off speed=1000 1942331 - [RFE] Allow to set physical interfaces in promiscuous mode [NM] 1945282 - [NMCI] Automatic connection not removed when veth device gets removed 1955101 - [NMCI] NM_reboot_openvswitch_vlan_configuration failure 1959397 - CVE-2020-13529 systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured 1959461 - NetworkManager ignoring Classless routes 1959934 - NetworkManager doesn't honour tlb_dynamic_lb=0 when creating a bonding device with mode=balance-alb 1959961 - [SNO][assisted-operator][nmstate] Bond Interface is down when booting from the discovery ISO 1970335 - Incorrect set hostname to localhost using DNS reverse lookup of ipv6 address 1971527 - Static route on latest AWS RHEL 8.4 AMI not taking affect using nmcli 1973199 - [NMCI] crash when networking disabled in ovs 1977984 - [nm-cloud-setup] [AWS] default route inter-feres with other subnets on the VM (making containers unreachable) [rhel-8.5] 1979192 - NetworkManager configures wrong, spurious "local" route for IP address after DHCP address change 1979387 - [RFE] support "filename" DHCP option for network boot with nm-initrd-generator 1982403 - [NMCI] ovs_set_firewalld_zone test fail 1988751 - Incosistent behavior in the order of IPv6 addresses at boot vs. when restarting NetworkManager 2004212 - IPv6 Default gateway deleted from routing table 6. Package List: Red Hat Enterprise Linux AppStream (v.8): aarch64: NetworkManager-adsl-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-cloud-setup-1.32.10-4.el8.aarch64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debugsource-1.32.10-4.el8.aarch64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.aarch64.rpm ppc64le: NetworkManager-adsl-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-cloud-setup-1.32.10-4.el8.ppc64le.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debugsource-1.32.10-4.el8.ppc64le.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.ppc64le.rpm s390x: NetworkManager-adsl-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-cloud-setup-1.32.10-4.el8.s390x.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debugsource-1.32.10-4.el8.s390x.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.s390x.rpm x86_64: NetworkManager-adsl-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-cloud-setup-1.32.10-4.el8.x86_64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debugsource-1.32.10-4.el8.x86_64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.8): Source: NetworkManager-1.32.10-4.el8.src.rpm aarch64: NetworkManager-1.32.10-4.el8.aarch64.rpm NetworkManager-adsl-1.32.10-4.el8.aarch64.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-bluetooth-1.32.10-4.el8.aarch64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debugsource-1.32.10-4.el8.aarch64.rpm NetworkManager-libnm-1.32.10-4.el8.aarch64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-ovs-1.32.10-4.el8.aarch64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-ppp-1.32.10-4.el8.aarch64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-team-1.32.10-4.el8.aarch64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-tui-1.32.10-4.el8.aarch64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wifi-1.32.10-4.el8.aarch64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wwan-1.32.10-4.el8.aarch64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.aarch64.rpm noarch: NetworkManager-config-connectivity-redhat-1.32.10-4.el8.noarch.rpm NetworkManager-config-server-1.32.10-4.el8.noarch.rpm NetworkManager-dispatcher-routing-rules-1.32.10-4.el8.noarch.rpm ppc64le: NetworkManager-1.32.10-4.el8.ppc64le.rpm NetworkManager-adsl-1.32.10-4.el8.ppc64le.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-bluetooth-1.32.10-4.el8.ppc64le.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debugsource-1.32.10-4.el8.ppc64le.rpm NetworkManager-libnm-1.32.10-4.el8.ppc64le.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-ovs-1.32.10-4.el8.ppc64le.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-ppp-1.32.10-4.el8.ppc64le.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-team-1.32.10-4.el8.ppc64le.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-tui-1.32.10-4.el8.ppc64le.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wifi-1.32.10-4.el8.ppc64le.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wwan-1.32.10-4.el8.ppc64le.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.ppc64le.rpm s390x: NetworkManager-1.32.10-4.el8.s390x.rpm NetworkManager-adsl-1.32.10-4.el8.s390x.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-bluetooth-1.32.10-4.el8.s390x.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debugsource-1.32.10-4.el8.s390x.rpm NetworkManager-libnm-1.32.10-4.el8.s390x.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-ovs-1.32.10-4.el8.s390x.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-ppp-1.32.10-4.el8.s390x.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-team-1.32.10-4.el8.s390x.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-tui-1.32.10-4.el8.s390x.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wifi-1.32.10-4.el8.s390x.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wwan-1.32.10-4.el8.s390x.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.s390x.rpm x86_64: NetworkManager-1.32.10-4.el8.x86_64.rpm NetworkManager-adsl-1.32.10-4.el8.x86_64.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-bluetooth-1.32.10-4.el8.x86_64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debugsource-1.32.10-4.el8.i686.rpm NetworkManager-debugsource-1.32.10-4.el8.x86_64.rpm NetworkManager-libnm-1.32.10-4.el8.i686.rpm NetworkManager-libnm-1.32.10-4.el8.x86_64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-ovs-1.32.10-4.el8.x86_64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-ppp-1.32.10-4.el8.x86_64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-team-1.32.10-4.el8.x86_64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-tui-1.32.10-4.el8.x86_64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wifi-1.32.10-4.el8.x86_64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wwan-1.32.10-4.el8.x86_64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.x86_64.rpm Red Hat Enterprise Linux CRB (v.8): aarch64: NetworkManager-adsl-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-debugsource-1.32.10-4.el8.aarch64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-libnm-devel-1.32.10-4.el8.aarch64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.aarch64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.aarch64.rpm ppc64le: NetworkManager-adsl-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-debugsource-1.32.10-4.el8.ppc64le.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-libnm-devel-1.32.10-4.el8.ppc64le.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.ppc64le.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.ppc64le.rpm s390x: NetworkManager-adsl-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-debugsource-1.32.10-4.el8.s390x.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-libnm-devel-1.32.10-4.el8.s390x.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.s390x.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.s390x.rpm x86_64: NetworkManager-adsl-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-adsl-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-bluetooth-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-cloud-setup-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-debugsource-1.32.10-4.el8.i686.rpm NetworkManager-debugsource-1.32.10-4.el8.x86_64.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-libnm-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-libnm-devel-1.32.10-4.el8.i686.rpm NetworkManager-libnm-devel-1.32.10-4.el8.x86_64.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-ovs-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-ppp-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-team-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-tui-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-wifi-debuginfo-1.32.10-4.el8.x86_64.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.i686.rpm NetworkManager-wwan-debuginfo-1.32.10-4.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2020-13529 https://access.redhat.com/security/updates/classification#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/8.5_release_notes/index 8. Contact: The Red Hat security contact is . More contact details athttps://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYrcUdzjgjWX9erEAQgdhg/8C6TjNW8eIyGE16VKyx1OJTMXLPEDKcvm m/eIVHKGw6mKialtuh6t0jVq26tf59rq2iG2cT8CEkrv36xMbg/lGY0AmGCmgweZ tvaBo9Pz1O8KX7IsRTMZUMVRbEpNuNBPGS4yENOxK9agiVu/sJIFPR/hF7Q6UBVI 1r3cKbf9mpnQSEt/oxGhS64GULi2x7WdCiPibVdp8BYqK+XkOpDOf4J+MthAFbkL H5SgOPypvqLvk2UzrAhaQbDLPCbAwg3wQu1pO4BNDPXBuWKrs+zWQURuMXThvaTj 6Yo0pTsmO3V1r8yVDdkN7jrfwkSIVpmOuGc0OIxu7RQ93yExp8HVb9czN3NyJubd 0mGndeYWuyMipHZAiv54lhM8m75s3jNzckvELZykrJZgVOraoykUX2AILUm1Bv3Q yUqfJ4pCb9j3jz/wf2SvwSgkSIMcl87CwQACbodoHSRFHjHY+2lOfLDjVV+BV9VN gHhphNT6z+8/bXHEx08hw04jqd24LEXrxDHPsePLo9SOPSOgpZLCmtsKHwSa7Fz7 XPV/S80hd/dy4JnInsMEs/opx0DWQcnQstrrcnP4TYa4HLFFLU7ZiUp2KpJg0j9E PArjldOxt5mxuuLHTKvT3PRfrikOoJbZy26fNs0cs7bJf/5vSJ2+LaOTjsbNEESj G9BiUUJexWs=pPOT -----END PGP SIGNATURE----- -- RHSA-announce mailing list
An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: NetworkManager security and bug fix update Advisory ID: RHSA-2020:4003-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:4003 Issue date: 2020-09-29 CVE Names: CVE-2020-10754 ==================================================================== 1. Summary: An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security Fix(es): *NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults (CVE-2020-10754) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1706646 - The network target is reached before IPv6 adresses are assigned 1737774 - [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 6 1758550 - conditional statements from dhclient.conf not merged 1765566 - Bringing up one slave of team0 also brings up team1 1785039 - nmcli command to add ipv4.gateway does not work when DEFROUTE=no and throws no error 1797915 - [abrt] [faf] g_ascii_strtoll() for "10" failed with errno=11 (Resource temporarily unavailable) 1832170 - Cannot bring up ip6gre tunnel connection via NetworkManager 1841041 - CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults 6. Package List: Red Hat Enterprise Linux Client (v.7): Source: NetworkManager-1.18.8-1.el7.src.rpm x86_64: NetworkManager-1.18.8-1.el7.x86_64.rpm NetworkManager-adsl-1.18.8-1.el7.x86_64.rpm NetworkManager-bluetooth-1.18.8-1.el7.x86_64.rpm NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-1.18.8-1.el7.i686.rpm NetworkManager-glib-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-1.18.8-1.el7.i686.rpm NetworkManager-libnm-1.18.8-1.el7.x86_64.rpm NetworkManager-ppp-1.18.8-1.el7.x86_64.rpm NetworkManager-team-1.18.8-1.el7.x86_64.rpm NetworkManager-tui-1.18.8-1.el7.x86_64.rpm NetworkManager-wifi-1.18.8-1.el7.x86_64.rpm NetworkManager-wwan-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: NetworkManager-dispatcher-routing-rules-1.18.8-1.el7.noarch.rpm x86_64: NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-devel-1.18.8-1.el7.i686.rpm NetworkManager-glib-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-devel-1.18.8-1.el7.i686.rpm NetworkManager-libnm-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-ovs-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: NetworkManager-1.18.8-1.el7.src.rpm x86_64: NetworkManager-1.18.8-1.el7.x86_64.rpm NetworkManager-adsl-1.18.8-1.el7.x86_64.rpm NetworkManager-bluetooth-1.18.8-1.el7.x86_64.rpm NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-1.18.8-1.el7.i686.rpm NetworkManager-glib-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-1.18.8-1.el7.i686.rpm NetworkManager-libnm-1.18.8-1.el7.x86_64.rpm NetworkManager-ppp-1.18.8-1.el7.x86_64.rpm NetworkManager-team-1.18.8-1.el7.x86_64.rpm NetworkManager-tui-1.18.8-1.el7.x86_64.rpm NetworkManager-wifi-1.18.8-1.el7.x86_64.rpm NetworkManager-wwan-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v.7): noarch: NetworkManager-dispatcher-routing-rules-1.18.8-1.el7.noarch.rpm x86_64: NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-devel-1.18.8-1.el7.i686.rpm NetworkManager-glib-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-devel-1.18.8-1.el7.i686.rpm NetworkManager-libnm-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-ovs-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: NetworkManager-1.18.8-1.el7.src.rpm noarch: NetworkManager-config-server-1.18.8-1.el7.noarch.rpm ppc64: NetworkManager-1.18.8-1.el7.ppc64.rpm NetworkManager-adsl-1.18.8-1.el7.ppc64.rpm NetworkManager-bluetooth-1.18.8-1.el7.ppc64.rpm NetworkManager-debuginfo-1.18.8-1.el7.ppc.rpm NetworkManager-debuginfo-1.18.8-1.el7.ppc64.rpm NetworkManager-glib-1.18.8-1.el7.ppc.rpm NetworkManager-glib-1.18.8-1.el7.ppc64.rpm NetworkManager-libnm-1.18.8-1.el7.ppc.rpm NetworkManager-libnm-1.18.8-1.el7.ppc64.rpm NetworkManager-ppp-1.18.8-1.el7.ppc64.rpm NetworkManager-team-1.18.8-1.el7.ppc64.rpm NetworkManager-tui-1.18.8-1.el7.ppc64.rpm NetworkManager-wifi-1.18.8-1.el7.ppc64.rpm NetworkManager-wwan-1.18.8-1.el7.ppc64.rpm ppc64le: NetworkManager-1.18.8-1.el7.ppc64le.rpm NetworkManager-adsl-1.18.8-1.el7.ppc64le.rpm NetworkManager-bluetooth-1.18.8-1.el7.ppc64le.rpm NetworkManager-debuginfo-1.18.8-1.el7.ppc64le.rpm NetworkManager-glib-1.18.8-1.el7.ppc64le.rpm NetworkManager-libnm-1.18.8-1.el7.ppc64le.rpm NetworkManager-ppp-1.18.8-1.el7.ppc64le.rpm NetworkManager-team-1.18.8-1.el7.ppc64le.rpm NetworkManager-tui-1.18.8-1.el7.ppc64le.rpm NetworkManager-wifi-1.18.8-1.el7.ppc64le.rpm NetworkManager-wwan-1.18.8-1.el7.ppc64le.rpm s390x: NetworkManager-1.18.8-1.el7.s390x.rpm NetworkManager-adsl-1.18.8-1.el7.s390x.rpm NetworkManager-bluetooth-1.18.8-1.el7.s390x.rpm NetworkManager-debuginfo-1.18.8-1.el7.s390.rpm NetworkManager-debuginfo-1.18.8-1.el7.s390x.rpm NetworkManager-glib-1.18.8-1.el7.s390.rpm NetworkManager-glib-1.18.8-1.el7.s390x.rpm NetworkManager-libnm-1.18.8-1.el7.s390.rpm NetworkManager-libnm-1.18.8-1.el7.s390x.rpm NetworkManager-ppp-1.18.8-1.el7.s390x.rpm NetworkManager-team-1.18.8-1.el7.s390x.rpm NetworkManager-tui-1.18.8-1.el7.s390x.rpm NetworkManager-wifi-1.18.8-1.el7.s390x.rpm NetworkManager-wwan-1.18.8-1.el7.s390x.rpm x86_64: NetworkManager-1.18.8-1.el7.x86_64.rpm NetworkManager-adsl-1.18.8-1.el7.x86_64.rpm NetworkManager-bluetooth-1.18.8-1.el7.x86_64.rpm NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-1.18.8-1.el7.i686.rpm NetworkManager-glib-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-1.18.8-1.el7.i686.rpm NetworkManager-libnm-1.18.8-1.el7.x86_64.rpm NetworkManager-ppp-1.18.8-1.el7.x86_64.rpm NetworkManager-team-1.18.8-1.el7.x86_64.rpm NetworkManager-tui-1.18.8-1.el7.x86_64.rpm NetworkManager-wifi-1.18.8-1.el7.x86_64.rpm NetworkManager-wwan-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: NetworkManager-dispatcher-routing-rules-1.18.8-1.el7.noarch.rpm ppc64: NetworkManager-debuginfo-1.18.8-1.el7.ppc.rpm NetworkManager-debuginfo-1.18.8-1.el7.ppc64.rpm NetworkManager-glib-devel-1.18.8-1.el7.ppc.rpm NetworkManager-glib-devel-1.18.8-1.el7.ppc64.rpm NetworkManager-libnm-devel-1.18.8-1.el7.ppc.rpm NetworkManager-libnm-devel-1.18.8-1.el7.ppc64.rpm NetworkManager-ovs-1.18.8-1.el7.ppc64.rpm ppc64le: NetworkManager-debuginfo-1.18.8-1.el7.ppc64le.rpm NetworkManager-glib-devel-1.18.8-1.el7.ppc64le.rpm NetworkManager-libnm-devel-1.18.8-1.el7.ppc64le.rpm NetworkManager-ovs-1.18.8-1.el7.ppc64le.rpm s390x: NetworkManager-debuginfo-1.18.8-1.el7.s390.rpm NetworkManager-debuginfo-1.18.8-1.el7.s390x.rpm NetworkManager-glib-devel-1.18.8-1.el7.s390.rpm NetworkManager-glib-devel-1.18.8-1.el7.s390x.rpm NetworkManager-libnm-devel-1.18.8-1.el7.s390.rpm NetworkManager-libnm-devel-1.18.8-1.el7.s390x.rpm NetworkManager-ovs-1.18.8-1.el7.s390x.rpm x86_64: NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-devel-1.18.8-1.el7.i686.rpm NetworkManager-glib-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-devel-1.18.8-1.el7.i686.rpm NetworkManager-libnm-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-ovs-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v.7): Source: NetworkManager-1.18.8-1.el7.src.rpm x86_64: NetworkManager-1.18.8-1.el7.x86_64.rpm NetworkManager-adsl-1.18.8-1.el7.x86_64.rpm NetworkManager-bluetooth-1.18.8-1.el7.x86_64.rpm NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-1.18.8-1.el7.i686.rpm NetworkManager-glib-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-1.18.8-1.el7.i686.rpm NetworkManager-libnm-1.18.8-1.el7.x86_64.rpm NetworkManager-ppp-1.18.8-1.el7.x86_64.rpm NetworkManager-team-1.18.8-1.el7.x86_64.rpm NetworkManager-tui-1.18.8-1.el7.x86_64.rpm NetworkManager-wifi-1.18.8-1.el7.x86_64.rpm NetworkManager-wwan-1.18.8-1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: NetworkManager-dispatcher-routing-rules-1.18.8-1.el7.noarch.rpm x86_64: NetworkManager-debuginfo-1.18.8-1.el7.i686.rpm NetworkManager-debuginfo-1.18.8-1.el7.x86_64.rpm NetworkManager-glib-devel-1.18.8-1.el7.i686.rpm NetworkManager-glib-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-libnm-devel-1.18.8-1.el7.i686.rpm NetworkManager-libnm-devel-1.18.8-1.el7.x86_64.rpm NetworkManager-ovs-1.18.8-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-10754 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBX3OkotzjgjWX9erEAQj03w/+MuJ+h0DBTgSdy0RPGPXNj+utCDCVYRSg LHC6EhpMxqki8V66THOmczZ/1xu49zXuBirrBaTPwYmAnZ4vNKrD3ymQDDju5Npd dFGpZ0MeDSEqbGxaWDOkswJCtKUDIhvhIYvPCfFNmlLGyhIwWe3QICZoLj9WKWpl IKx0hopRvQUYSyGzkEjmdo1lzYiFgb9hIadSOBYBWhwE33Ev1hMBGXuSGmBfZB8c 12ybbvr5ZWQtakMrBBxBlFEy65coqv/v8z885YwA8MH65jYVus3BA17Xv9SYF4Co Bv2K0i2X6B5ZbKUzAR1giwdg8NhwXThcaIfxafBRcezh8UmwDcNZCbNw9WVe8kfE ktymJ4SQnZ3xcWq7Tgy0KVFwNntl2kz9CyV0CVHYtEeQnN+9P+n4YyX0W/Rii/Mf ROmG9ftsGxVsAj3+UAZS65t7Ye6Yw6zI8FAmhsEh8QUlL6/zbcGhyAykU6WvsITp 5GyWnmx0VpicH19Ydv0FfSeEDtOkdERW5YwY2vU38ll+wn8uJSaPWThkhjuc6Jgm AGvTXGpU37ceVG5hbjsEgoXuCoVNkv0Q/0fSyZwEJv+Q40xZa5mAa5qh1SXNb+uV O2Uutm/hsIw9+xzV+G/+lO0QUDkK7DhMqmQrbq56uvNy/b8MwYHowzSel2tUtQW3 +yKG2zpM8Fo=vQU9 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely (CVE-2020-10754). . MGASA-2020-0260 - Updated networkmanager packages fix security vulnerability Publication date: 15 Jun 2020 URL: https://advisories.mageia.org/MGASA-2020-0260.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-10754 It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely (CVE-2020-10754). The networkmanager package has been updated to version 1.18.8, fixing this issue and other bugs. Also, the networkmanager-applet package has been updated to version 1.8.24. It also adds support for connecting to WPA3 / SAE protected wireless networks. gnome-control-center and gnome-shell have been fixed to correctly identify the connections as WPA3. References: - https://bugs.mageia.org/show_bug.cgi?id=26713 - https://bugs.mageia.org/show_bug.cgi?id=26673 - https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/nm-1-18/NEWS - - https://lists.fedoraproject.org/archives/list/
- Update to 1.20.12 release - ifcfg-rh: handle "802-1x.{,phase2-}ca-path" (rh #1841395, CVE-2020-10754). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-ace543feff 2020-06-14 17:10:11.229154 --------------------------------------------------------------------------------Name : NetworkManager Product : Fedora 31 Version : 1.20.12 Release : 1.fc31 URL : https://wiki.gnome.org/Apps Summary : Network connection manager and user applications Description : NetworkManager is a system service that manages network interfaces and connections based on user or automatic configuration. It supports Ethernet, Bridge, Bond, VLAN, Team, InfiniBand, Wi-Fi, mobile broadband (WWAN), PPPoE and other devices, and supports a variety of different VPN services. --------------------------------------------------------------------------------Update Information: - Update to 1.20.12 release - ifcfg-rh: handle "802-1x.{,phase2-}ca-path" (rh #1841395, CVE-2020-10754) --------------------------------------------------------------------------------ChangeLog: * Fri May 29 2020 Thomas Haller - 1:1.20.12-1 - Update to 1.20.12 release - ifcfg-rh: handle "802-1x.{,phase2-}ca-path" (rh #1841395, CVE-2020-10754) * Mon Jan 13 2020 Antonio Cardace - 1:1.20.10-1 - Update to 1.20.10 release * Mon Nov 25 2019 Lubomir Rintel - 1:1.20.8-1 - Update to 1.20.8 release * Wed Nov 6 2019 Beniamino Galvani - 1:1.20.6-1 - Update to 1.20.6 release - Fix updating agent-owned VPN secrets (rh #1767129) --------------------------------------------------------------------------------References: [ 1 ] Bug #1841041 - CVE-2020-10754 NetworkManager: user configuration not honoured leaving the connection unauthenticated via insecure defaults https://bugzilla.redhat.com/show_bug.cgi?id=1841041 --------------------------------------------------------------------------------This update can be installed with the "dnf"update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-ace543feff' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for NetworkManager ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:1369-1 Rating: moderate References: #1086263 Cross-References: CVE-2018-1000135 Affected Products: SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for NetworkManager fixes the following issues: Following security issue was fixed: - CVE-2018-1000135: A potential leak of private DNS queries to other DNS servers could happen while on VPN (bsc#1086263, bgo#746422). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 15: zypper in -t patch SUSE-SLE-Product-WE-15-2019-1369=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1369=1 - SUSE Linux Enterprise Module for Desktop Applications 15: zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2019-1369=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1369=1 Package List: - SUSE Linux Enterprise Workstation Extension 15 (noarch): NetworkManager-lang-1.10.6-5.6.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (noarch): NetworkManager-branding-upstream-1.10.6-5.6.1 - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64): NetworkManager-1.10.6-5.6.1 NetworkManager-debuginfo-1.10.6-5.6.1 NetworkManager-debugsource-1.10.6-5.6.1 NetworkManager-devel-1.10.6-5.6.1 libnm-glib-vpn1-1.10.6-5.6.1 libnm-glib-vpn1-debuginfo-1.10.6-5.6.1 libnm-glib4-1.10.6-5.6.1 libnm-glib4-debuginfo-1.10.6-5.6.1 libnm-util2-1.10.6-5.6.1 libnm-util2-debuginfo-1.10.6-5.6.1 typelib-1_0-NMClient-1_0-1.10.6-5.6.1 typelib-1_0-NetworkManager-1_0-1.10.6-5.6.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): NetworkManager-debuginfo-1.10.6-5.6.1 NetworkManager-debugsource-1.10.6-5.6.1 libnm0-1.10.6-5.6.1 libnm0-debuginfo-1.10.6-5.6.1 typelib-1_0-NM-1_0-1.10.6-5.6.1 References: https://www.suse.com/security/cve/CVE-2018-1000135.html https://bugzilla.suse.com/1086263 _______________________________________________ sle-security-updates mailing list
systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) SL7 x86_64 NetworkManager-1.12.0-8.el7_6.x86_64.rpm NetworkManager-adsl-1.12.0-8.el7_6.x86_64.rpm NetworkManager-bluetooth-1.12.0-8.el7_6.x86_64.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.i686.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.x86_64.rpm NetworkManager-glib-1.12.0 [More...]. Synopsis: Important: NetworkManager security update Advisory ID: SLSA-2018:3665-1 Issue Date: 2018-11-27 CVE Numbers: CVE-2018-15688 -- Security Fix(es): * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) -- SL7 x86_64 NetworkManager-1.12.0-8.el7_6.x86_64.rpm NetworkManager-adsl-1.12.0-8.el7_6.x86_64.rpm NetworkManager-bluetooth-1.12.0-8.el7_6.x86_64.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.i686.rpm NetworkManager-debuginfo-1.12.0-8.el7_6.x86_64.rpm NetworkManager-glib-1.12.0-8.el7_6.i686.rpm NetworkManager-glib-1.12.0-8.el7_6.x86_64.rpm NetworkManager-libnm-1.12.0-8.el7_6.i686.rpm NetworkManager-libnm-1.12.0-8.el7_6.x86_64.rpm NetworkManager-ppp-1.12.0-8.el7_6.x86_64.rpm NetworkManager-team-1.12.0-8.el7_6.x86_64.rpm NetworkManager-tui-1.12.0-8.el7_6.x86_64.rpm NetworkManager-wifi-1.12.0-8.el7_6.x86_64.rpm NetworkManager-wwan-1.12.0-8.el7_6.x86_64.rpm NetworkManager-glib-devel-1.12.0-8.el7_6.i686.rpm NetworkManager-glib-devel-1.12.0-8.el7_6.x86_64.rpm NetworkManager-libnm-devel-1.12.0-8.el7_6.i686.rpm NetworkManager-libnm-devel-1.12.0-8.el7_6.x86_64.rpm NetworkManager-ovs-1.12.0-8.el7_6.x86_64.rpm NetworkManager-1.12.0-8.el7_6.src.rpm noarch NetworkManager-config-server-1.12.0-8.el7_6.noarch.rpm NetworkManager-dispatcher-routing-rules-1.12.0-8.el7_6.noarch.rpm - Scientific Linux Development Team . Crucial patch for NetworkManager fixes a critical out-of-bounds error in SL7 environments, enhancing reliability.. NetworkManager Update, Security Risk, Systemd Issue, ScientificLinux, Out-of-Bounds Fix. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.