[SECURITY] Fedora 11 Update: NetworkManager-0.7.2-2.git20091223.fc11

updates at fedoraproject.org updates at fedoraproject.org
Sat Jan 2 21:31:41 UTC 2010 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-13642
2009-12-24 20:17:18
--------------------------------------------------------------------------------

Name        : NetworkManager
Product     : Fedora 11
Version     : 0.7.2
Release     : 2.git20091223.fc11
URL         : http://www.gnome.org/projects/NetworkManager/
Summary     : Network connection manager and user applications
Description :
NetworkManager attempts to keep an active network connection available at all
times.  It is intended only for the desktop use-case, and is not intended for
usage on servers.   The point of NetworkManager is to make networking
configuration and setup as painless and automatic as possible.  If using DHCP,
NetworkManager is _intended_ to replace default routes, obtain IP addresses
from a DHCP server, and change nameservers whenever it sees fit.

--------------------------------------------------------------------------------
Update Information:

This update corrects two security issues, as well as fixes for various mobile
broadband devices and Fedora system network configuration handling.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 23 2009 Dan Williams <dcbw at redhat.com> - 0.7.2-2.git20091223
- nm: allow more connect time for 'hso' mobile broadband devices (rh #514827)
- nm: fix reconnections on some Option 'hso' devices
- nm: add support for more ZTE mobile broadband devices
- ifcfg-rh: treat MODE=AUTO as infrastructure mode
- ifcfg-rh: warn when device will be managed due to missing HWADDR (rh #545003)
- ifcfg-rh: add support for reading and writing routes files (rh #507307)
- applet: fix potential leakage of secrets onto the system bus (rh #546115) (CVE-2009-4145)
- applet: fix possible connections to spoofed WPA Enterprise networks (rh #546793) (CVE-2009-4144)
- applet: add "Disable Notifications" option
- applet: fix blank notification with certain characters
* Mon Nov 23 2009 Dan Williams <dcbw at redhat.com> - 0.7.2
- nm: fix VPN crash with NULL secrets (rh #532084)
- nm: validate pidfile and quit early if NM is already running (rh #517362)
- nm: preserve WiFi and Networking Enabled states across reboot
- nm: handle PEM certificates without an ending newline (rh #507315)
- ifcfg-rh: handle never-default (rh #528281)
- ifcfg-rh: ignore .rpmnew files (rh #509621)
- applet: alert when private keys are not password protected
- applet: fix system connection selection from the "Connect to hidden..." dialog
- applet: don't die when auto connections can't be created (rh #532680)
- applet: add GConf key to allow sysadmins to disable Ad-Hoc wifi network creation
* Fri Oct 30 2009 Dan Williams <dcbw at redhat.com> - 0.7.1.998-1
- nm: fix checking for TTLS phase2 secrets
- nm: fix UUID validation regression (rh #530611)
- ifcfg-rh: fix writing LEAP connections
- applet: fix disabled Connect button for EAP-TLS (rh #469059)
- applet: add a "My country is not listed" option to the mobile wizard (rh #530981)
* Thu Oct 15 2009 Dan Williams <dcbw at redhat.com> - 0.7.1.997-1
- nm: add support for PEAP-GTC (rh #451027)
- nm: ensure VPN secrets aren't re-used when they shouldn't be
- nm: fix race causing erroneous ethernet carrier change events
- nm: fixes for ZTE, Onda, and Sierra modem detection and operation
- nm: enhanced support for Ericsson 'mbm' modems
- nm: enhanced support for AT&T Quicksilver and Option iCON 505
- nm: work around PPP bug returning bogus nameservers
- editor: fix editing system-wide VPN connections
- applet: PEAP, TTLS, and wired 802.1x fixes
- applet: install GConf schemas
- applet: fix default focus for passphrase dialogs
- applet: translation updates
* Thu Jul  9 2009 Dan Williams <dcbw at redhat.com> - 0.7.1-8.git20090708
- applet: fix crash on error claiming D-Bus service (rh #519408)
* Thu Jul  9 2009 Dan Williams <dcbw at redhat.com> - 0.7.1-8.git20090708
- applet: fix certificate validation in hidden wifi networks dialog (rh #508207)
* Wed Jul  8 2009 Dan Williams <dcbw at redhat.com> - 0.7.1-7.git20090708
- nm: fixes for ZTE/Onda modem detection
- nm: prevent re-opening serial port when the SIM has a PIN
- applet: updated translations
- editor: show list column headers
* Thu Jun 25 2009 Dan Williams <dcbw at redhat.com> - 0.7.1-6.git20090617
- nm: fix serial port settings
* Wed Jun 17 2009 Dan Williams <dcbw at redhat.com> - 0.7.1-5.git20090617
- nm: fix AT&T Quicksilver modem connections (rh #502002)
- nm: fix support for s390 bus types (rh #496820)
- nm: fix detection of some CMOtech modems
- nm: handle unsolicited wifi scans better
- nm: resolv.conf fixes when using DHCP and overriding search domains
- nm: handle WEP and WPA passphrases (rh #441070)
- nm: fix removal of old APs when none are scanned
- nm: fix Huawei EC121 and EC168C detection and handling (rh #496426)
- applet: save WEP and WPA passphrases instead of hashed keys (rh #441070)
- applet: fix broken notification bubble actions
- applet: default to WEP encryption for Ad-Hoc network creation
- applet: fix crash when connection editor dialogs are canceled
- applet: add a mobile broadband provider wizard
* Tue May 19 2009 Karsten Hopp <karsten at redhat.com> 0.7.1-4.git20090414.1
- drop ExcludeArch s390 s390x, we need at least the header files
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #546117 - CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor
        https://bugzilla.redhat.com/show_bug.cgi?id=546117
  [ 2 ] Bug #546795 - CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed
        https://bugzilla.redhat.com/show_bug.cgi?id=546795
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update NetworkManager' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list