--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-7919
2011-06-07 03:37:57
--------------------------------------------------------------------------------
Name : NetworkManager
Product : Fedora 15
Version : 0.8.9997
Release : 2.git20110531.fc15
URL : http://www.gnome.org/projects/NetworkManager/
Summary : Network connection manager and user applications
Description :
NetworkManager is a system network service that manages your network devices
and connections, attempting to keep active network connectivity when
available.
It manages ethernet, WiFi, mobile broadband (WWAN), and PPPoE devices, and
provides VPN integration with a variety of different VPN services.
--------------------------------------------------------------------------------
Update Information:
This update includes no changes to NetworkManager but ensures that the latest
update is installed to fix a security issue in
NetworkManager-0.8.999-3.git20110526. This issue was previously fixed in
NetworkManager-0.8.9997-1.git20110531.fc15 but was not marked as a security
update.
NetworkManager-0.8.999-3.git20110526 inadvertently included a piece of
debugging code that may have logged some VPN passwords to syslog. That version
was available as an update for five (5) days before the fixed version was
available. Users are advised to inspect log files in /var/log (and any backups)
for VPN passwords and remove any that are found. The string
"destroy_one_secret" may be used to identify files to be cleaned, such as by
using the following command: 'grep -riI "destroy_one_secret" /var/log'.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 3 2011 Dan Williams <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.9997-2.git20110531
- Bump for CVE-2011-1943 (no changes, only a rebuild)
* Tue May 31 2011 Dan Williams <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.9997-1.git20110531
- editor: fix resizing of UI elements (rh #707269)
- core: retry wired connections when cable is replugged
- core: fix a few warnings and remove some left-over debugging code
* Thu May 26 2011 Dan Williams <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 0.8.999-3.git20110526
- compat: fix activation/deactivation of VPN connections (rh #699786)
- core: fix autodetection of previously-used hidden wifi networks
- core: silence error if ConsoleKit database does not yet exist (rh #695617)
- core: fix Ad-Hoc frequency handling (rh #699203)
- core: fixes for migrated OpenConnect VPN plugin connections
- core: various fixes for VPN connection secrets handling
- core: send only short hostname to DHCP servers (rh #694758)
- core: better handling of PKCS#8 private keys
- core: fix dispatcher script interface name handling
- editor: fix potential crash when connection is invalid (rh #704848)
- editor: allow _ as a valid character for GSM APNs
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #708876 - CVE-2011-1943 NetworkManager: Password to unlock the
certificate is being logged
https://bugzilla.redhat.com/show_bug.cgi?id=708876
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update NetworkManager' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke