drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in NetworkManager
Name: |
Mangelnde Rechteprüfung in NetworkManager |
|
ID: |
FEDORA-2011-9005 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 15 |
|
Datum: |
Do, 7. Juli 2011, 10:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2176 |
|
Applikationen: |
NetworkManager |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2011-9005 2011-07-03 18:51:44 ------------------------------------------------------------------------------- -
Name : NetworkManager Product : Fedora 15 Version : 0.8.9997 Release : 5.git20110702.fc15 URL : http://www.gnome.org/projects/NetworkManager/ Summary : Network connection manager and user applications Description : NetworkManager is a system network service that manages your network devices and connections, attempting to keep active network connectivity when available. It manages ethernet, WiFi, mobile broadband (WWAN), and PPPoE devices, and provides VPN integration with a variety of different VPN services.
------------------------------------------------------------------------------- - Update Information:
This update ensures that users are authorized to start shared wifi connections, and includes fixes to retry failed connections after a period of time. It also ensures that 'always ask' 802.1x passwords (like RSA Token codes) are asked for again immediately if they fail, and adds the capability to blacklist certain devices from using a wired or wifi connection. ------------------------------------------------------------------------------- - ChangeLog:
* Sat Jul 2 2011 Dan Williams <dcbw@redhat.com> - 0.8.9997-5.git20110702 - core: ensure users are authorized for shared wifi connections (CVE-2011-2176) (rh #715492) - core: retry failed connections after 5 minute timeout - core: immediately request new 802.1x 'always ask' passwords if they fail - core: add MAC blacklisting capability for WiFi and Wired connections - core: retry failed connections when new users log in (rh #706204) - applet: updated translations - core: drop compat interface now that KDE bits are updated to NM 0.9 API * Mon Jun 20 2011 Dan Williams <dcbw@redhat.com> - 0.8.9997-4.git20110620 - core: don't cache "(none)" hostname at startup (rh #706094) - core: fix handling of VPN connections with only system-owned secrets - core: fix optional waiting for networking at startup behavior (rh #710502) - ifcfg-rh: fix possible crashes in error cases - ifcfg-rh: fix various IPv4 and IPv6 handling issues - applet: add notifications of GSM mobile broadband registration status - editor: move secrets when making connections available to all users or private - applet: don't show irrelevant options when asking for passwords * Mon Jun 13 2011 Dan Williams <dcbw@redhat.com> - 0.8.9997-3.git20110613 - keyfile: better handling of missing certificates/private keys - core: fix issues handling "always-ask" wired and WiFi 802.1x connections (rh #703785) - core: fix automatic handling of hidden WiFi networks (rh #707406) - editor: fix possible crash after reading network connections (rh #706906) - editor: make Enter/Return key close WiFi password dialogs (rh #708666) * Fri Jun 3 2011 Dan Williams <dcbw@redhat.com> - 0.8.9997-2.git20110531 - Bump for CVE-2011-1943 (no changes, only a rebuild) * Tue May 31 2011 Dan Williams <dcbw@redhat.com> - 0.8.9997-1.git20110531 - editor: fix resizing of UI elements (rh #707269) - core: retry wired connections when cable is replugged - core: fix a few warnings and remove some left-over debugging code * Thu May 26 2011 Dan Williams <dcbw@redhat.com> - 0.8.999-3.git20110526 - compat: fix activation/deactivation of VPN connections (rh #699786) - core: fix autodetection of previously-used hidden wifi networks - core: silence error if ConsoleKit database does not yet exist (rh #695617) - core: fix Ad-Hoc frequency handling (rh #699203) - core: fixes for migrated OpenConnect VPN plugin connections - core: various fixes for VPN connection secrets handling - core: send only short hostname to DHCP servers (rh #694758) - core: better handling of PKCS#8 private keys - core: fix dispatcher script interface name handling - editor: fix potential crash when connection is invalid (rh #704848) - editor: allow _ as a valid character for GSM APNs ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #709662 - CVE-2011-2176 NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks https://bugzilla.redhat.com/show_bug.cgi?id=709662 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update NetworkManager' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|