Paketname
networkmanager
Datum
2011-11-11
Advisory ID
MDVSA-2011:171
Betroffene Versionen
2011 i586 , 2011 x86_64

Problembeschreibung

Security issues were identified and fixed in networkmanager:

GNOME NetworkManager before 0.8.6 does not properly enforce the
auth_admin element in PolicyKit, which allows local users to bypass
intended wireless network sharing restrictions via unspecified vectors
(CVE-2011-2176).

Incomplete blacklist vulnerability in the svEscape function in
settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME
NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when
PolicyKit is configured to allow users to create new connections,
allows local users to execute arbitrary commands via a newline
character in the name for a new network connection, which is not
properly handled when writing to the ifcfg file (CVE-2011-3364).

Instead of patching networkmanager, the latest 0.8.6.0 stable
version is being provided due to the large amount of bugs fixed
upstream. Also the networkmanager-applet, networkmanager-openconnect,
networkmanager-openvpn, networkmanager-pptp, networkmanager-vpnc is
being provided with their latest 0.8.6.0 stable versions.

The provided packages solves these security vulnerabilities.

Aktualisierte Pakete

2011 i586

 c530bf1caf9f0c7a893dc6fb5c12199e  2011/i586/libnm-glib2-0.8.6.0-0.1-mdv2011.0.i586.rpm
 ebc62339c61d69de533ff547424b33da  2011/i586/libnm-glib-devel-0.8.6.0-0.1-mdv2011.0.i586.rpm
 5d6f29391291ef36852288cadae40d95  2011/i586/libnm-glib-vpn1-0.8.6.0-0.1-mdv2011.0.i586.rpm
 6087abf2686821434eb3afc51912437e  2011/i586/libnm-glib-vpn-devel-0.8.6.0-0.1-mdv2011.0.i586.rpm
 b8977f7ed13a0294a7ebbaadee039428  2011/i586/libnm-util1-0.8.6.0-0.1-mdv2011.0.i586.rpm
 c1600e19ab5b04e35287079c9be02738  2011/i586/libnm-util-devel-0.8.6.0-0.1-mdv2011.0.i586.rpm
 4414ce4ae05cf979afd44680876c8391  2011/i586/networkmanager-0.8.6.0-0.1-mdv2011.0.i586.rpm
 958dd23cbafd3b408754a4a579ac22ba  2011/i586/networkmanager-applet-0.8.6.0-0.1-mdv2011.0.i586.rpm
 ba3dede9e2b3c1fa30f43bd19039b7ab  2011/i586/networkmanager-openconnect-0.8.6.0-0.1-mdv2011.0.i586.rpm
 d50dcbedbde986d3942498fd1f5474b1  2011/i586/networkmanager-openvpn-0.8.6.0-0.1-mdv2011.0.i586.rpm
 0f360660a076e002d0159d7ad01dc8ac  2011/i586/networkmanager-pptp-0.8.6.0-0.1-mdv2011.0.i586.rpm
 7c55fc8d1ed0039d9f8457778600de5e  2011/i586/networkmanager-vpnc-0.8.6.0-0.1-mdv2011.0.i586.rpm 
 9646534c9bb96c7f92a63179ae540e7f  2011/SRPMS/networkmanager-0.8.6.0-0.1.src.rpm
 fedaf805fc6d4d70a49f4455254a5427  2011/SRPMS/networkmanager-applet-0.8.6.0-0.1.src.rpm
 c5bf3fe13685d2a4cdcff69e38db2f3c  2011/SRPMS/networkmanager-openconnect-0.8.6.0-0.1.src.rpm
 0eadfcb51e4dbbe140464887b04a7fb8  2011/SRPMS/networkmanager-openvpn-0.8.6.0-0.1.src.rpm
 5e85b3b3f14cd6dd9057c9d02cbb2f15  2011/SRPMS/networkmanager-pptp-0.8.6.0-0.1.src.rpm
 9c83f344de996d5eb8e76b54b4e23bbe  2011/SRPMS/networkmanager-vpnc-0.8.6.0-0.1.src.rpm

2011 x86_64

 9fe4801401ee1ed6357238051f5bf295  2011/x86_64/lib64nm-glib2-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 b221a9f33856ab77eb3c18c9b39d1fad  2011/x86_64/lib64nm-glib-devel-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 518492246aae82e41b4a11646241ce25  2011/x86_64/lib64nm-glib-vpn1-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 d6972f15d6e98236c1721086ab32a3ba  2011/x86_64/lib64nm-glib-vpn-devel-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 9fb5f213996fb6e4a59351138c51fd34  2011/x86_64/lib64nm-util1-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 d4b5e921aa28d9c55f38eb976c69003f  2011/x86_64/lib64nm-util-devel-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 42737153344129c8196a2b34345a76f6  2011/x86_64/networkmanager-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 70433a01223f7a26156dfac562d7e56c  2011/x86_64/networkmanager-applet-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 19cf7eab0cd01a6c610d40cd0c81cf97  2011/x86_64/networkmanager-openconnect-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 f8a66ca3491630187725bbdeeb9c62ac  2011/x86_64/networkmanager-openvpn-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 edfd577bd13f0c7c23c22d7af9be173a  2011/x86_64/networkmanager-pptp-0.8.6.0-0.1-mdv2011.0.x86_64.rpm
 14c16994c828cb316b7004fc31e6dc40  2011/x86_64/networkmanager-vpnc-0.8.6.0-0.1-mdv2011.0.x86_64.rpm 
 9646534c9bb96c7f92a63179ae540e7f  2011/SRPMS/networkmanager-0.8.6.0-0.1.src.rpm
 fedaf805fc6d4d70a49f4455254a5427  2011/SRPMS/networkmanager-applet-0.8.6.0-0.1.src.rpm
 c5bf3fe13685d2a4cdcff69e38db2f3c  2011/SRPMS/networkmanager-openconnect-0.8.6.0-0.1.src.rpm
 0eadfcb51e4dbbe140464887b04a7fb8  2011/SRPMS/networkmanager-openvpn-0.8.6.0-0.1.src.rpm
 5e85b3b3f14cd6dd9057c9d02cbb2f15  2011/SRPMS/networkmanager-pptp-0.8.6.0-0.1.src.rpm
 9c83f344de996d5eb8e76b54b4e23bbe  2011/SRPMS/networkmanager-vpnc-0.8.6.0-0.1.src.rpm

Referenzen