[SECURITY] Fedora 14 Update: NetworkManager-

updates at fedoraproject.org updates at fedoraproject.org
Sat Oct 8 18:02:34 UTC 2011

Fedora Update Notification
2011-09-27 22:30:03

Name        : NetworkManager
Product     : Fedora 14
Version     :
Release     : 1.git20110927.fc14
URL         : http://www.gnome.org/projects/NetworkManager/
Summary     : Network connection manager and user applications
Description :
NetworkManager is a system network service that manages your network devices
and connections, attempting to keep active network connectivity when available.
It manages ethernet, WiFi, mobile broadband (WWAN), and PPPoE devices, and
provides VPN integration with a variety of different VPN services.

Update Information:

This update fixes security issue in ifcfg-rh plugin (CVE-2011-3364). In addition, it updates to 0.8.6-rc1.

* Tue Sep 27 2011 Jiří Klimeš <jklimes at redhat.com> -
- Update to (0.8.6-rc1) + git snapshot
- core: ifcfg-rh: remove newlines when writing to ifcfg files (CVE-2011-3364) (rh #737338)
- core: use '@interface' for link-local DNS servers in the dnsmasq config
- core: ensure NM can talk to newly installed VPN plugins (fdo #39463)
- core: fix crash in ifcfg-rh plugin when system bus isn't around
- core: add "Uuid" property to ActiveConnection interface
- core: add 802.1X setting properties for subject and altsubject matches
* Tue Jul 19 2011 Dan Williams <dcbw at redhat.com> -
- Update to 0.8.6-beta2
- core: append interface name for IPv6 link-local DNS server addresses (rh #720001)
- core: read anonymous identify for 802.1x PEAP connections (rh #708436)
- core: fix setting hostname from DHCP options (rh #719100)
- applet: don't show irrelevant security options during password requests
- applet: show notifications on CDMA home/roaming changes
* Wed Jun 22 2011 Jiří Klimeš <jklimes at redhat.com> - 0.8.4-2.git20110622
- core: respect PolicyKit permissions for creating shared WiFi networks (rh #709662)
- core: fix up checks for s390 CTC device type (bgo #649025)
- core: recognize platform 'gadget' devices
- core: only send hostname without domain as host-name option (rh #694758)
- core: clear 'invalid' connection tag when cable is re-plugged
- core: fix crash requesting system VPN secrets (bgo #651710)
- core: add MAC address blacklisting feature for WiFi and ethernet connections
- core: allow _ as a valid character for GSM APNs
- wifi: always fix up Ad-Hoc frequency when connecting (rh #699203)
- keyfile: better handle cert/key files that don't exist (bgo #649807)
- keyfile: ignore .pem and .der file changes
- editor: improve usability for entering manual IP addresses and routes (rh #698199) (bgo #607678)
- editor: don't crash in edit_done_cb() when connection is invalid (rh #704848)
- editor: don't allow inserting as destination and netmask for IPv4 routes
- editor: allow _ as a valid character for GSM APNs
- applet: ensure entries activate default button if Enter is pressed (rh #622487)
- applet: add gsm registration status notification
- applet: filter APN entry characters in mobile-wizard
* Wed Apr 20 2011 Dan Williams <dcbw at redhat.com> - 0.8.4-1
- Update to 0.8.4
- core: fix crash starting VPN connections
- core: write usable DNS configuration on shutdown when local caching nameserver is used
- ifcfg-rh: fix writing out wifi connections changed from WPA to open (rh #695604)
* Thu Apr 14 2011 Dan Williams <dcbw at redhat.com> -
- fix location of nm-version.h again
* Thu Apr 14 2011 Dan Williams <dcbw at redhat.com> -
- Update to (0.8.4-rc2)
- core: ensure correct supplicant options are used for wired 802.1x
- core: fix handling of S390/Hercules CTC network interfaces (rh #641986)
- core: fix handling of infinite IPv6 RDNSS timeouts (rh #689291)
- core: fix handling of WWAN enable/disable states
- core: support Easytether interfaces for Android phones
- editor: fix crash when scrolling through connection lists (rh #688844)
- applet: fix crash after using the wifi or wired secrets dialogs (rh #688535)
- applet: fix handling of "always ask" passwords (rh #692519) (rh #692578)
- editor: ensure all pages are sensitive after retrieving secrets (rh #670217)
- ifcfg-rh: fix handling of s390 CTC devices and configuration (rh #641986)
- ifcfg-rh: harmonize handling if IPADDR/PREFIX/NETMASK with initscripts (rh #658907)
* Thu Mar 24 2011 Dan Williams <dcbw at redhat.com> -
- nm-version.h should be in NetworkManager-devel, not -glib-devel (rh #685442)
* Fri Mar 18 2011 Dan Williams <dcbw at redhat.com> -
- Update to (0.8.4-rc1)
- applet: don't overwrite already migrated certificate paths (rh #682288)
- core: fix some mistakenly invisible libnm-glib symbols
* Thu Mar  3 2011 Dan Williams <dcbw at redhat.com> -
- Update to (0.8.4-beta3)
- editor: fix crash requesting VPN secrets (rh #680707)
- core: keep connection timestamps in lookaside file, not in /etc
* Fri Feb 25 2011 Dan Williams <dcbw at redhat.com> -
- Update to (0.8.4-beta2)
- core: fix secrets handling (rh #680385)
* Thu Feb 24 2011 Dan Williams <dcbw at redhat.com> -
- Update to (0.8.4-beta1)
- core: send hostname to DHCP server by default (rh #488975)
- core: fix updating resolv.conf (rh #672282)
- core: ensure devices are cleaned up when removed
- core: handle reverse DNS in local caching nameserver configurations
- core: IPv6 addressing, routing, and compliance fixes
- core: stop touching /etc/hosts (rh #648725)
- core: fix shutdown crashes (rh #676316)
- core: suppress messages about missing user settings service (rh #655322)
- core: seamless support for RFC3442 classless static routes (rh #639935)
- wifi: fix validity checks for Ad-Hoc APs (rh #632123)
- modem: fixes for T-Mobile Rocket 2.0 modems
- keyfile: ignore MAC address case for unmanaged-devices (rh #654714)
- ifcfg-rh: fix crash when writing connections with missing IPv4 settings (rh #655002)
- ifcfg-rh: allow missing or GATEWAYx keys (rh #647992)
- ifcfg-rh: respect GATEWAYDEV for ibft/iSCSI configurations (rh #665027)
- ifcfg-rh: read/write IPv6 gateway correctly (rh #604334, rh #666078)
- ifcfg-rh: fix missing connections when an unmanaged interface is present
- applet: fix crashes related to missing icons (rh #657352)
- applet: show IPv6 details in Connection Information dialog (rh #591929)
* Wed Nov  3 2010 Dan Williams <dcbw at redhat.com> - 0.8.2-1
- Update to 0.8.2
* Mon Nov  1 2010 Dan Williams <dcbw at redhat.com> - 0.8.1-10
- core: preserve WiFi Enabled state across reboot and suspend/resume

  [ 1 ] Bug #737338 - CVE-2011-3364 NetworkManager: Console user can escalate to root via newlines in ifcfg-rh connection name

This update can be installed with the "yum" update program.  Use 
su -c 'yum update NetworkManager' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list