SCIENTIFIC-LINUX-ERRATA Archives

April 2009

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Security ERRATA Moderate: NetworkManager on SL4.x, SL5.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Mon, 20 Apr 2009 15:42:42 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (141 lines) 
The security update for NetworkManager was not backward compatible with 
Scientific Linux 5.2 or older.  We apologize for sending this update out 
and causing all the problems that it has caused.

This update will downgrade the version of NetworkMangager in SL 5.0, 
5.1, and 5.2 to the version that those releases had before the update.

SL 5.0 & 5.1

     SRPMS:
NetworkManager-0.7.0-4.sl5_0.0.6.4.src.rpm
     i386:
NetworkManager-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-gnome-0.7.0-4.sl5_0.0.6.4.i386.rpm
     x86_64:
NetworkManager-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-0.7.0-4.sl5_0.0.6.4.x86_64.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_0.0.6.4.x86_64.rpm
NetworkManager-devel-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_0.0.6.4.x86_64.rpm
NetworkManager-glib-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_0.0.6.4.x86_64.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_0.0.6.4.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_0.0.6.4.x86_64.rpm
NetworkManager-gnome-0.7.0-4.sl5_0.0.6.4.x86_64.rpm

SL 5.2

     SRPMS:
NetworkManager-0.7.0-4.sl5_2.0.6.4.src.rpm
     i386:
NetworkManager-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-gnome-0.7.0-4.sl5_2.0.6.4.i386.rpm
     x86_64:
NetworkManager-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-0.7.0-4.sl5_2.0.6.4.x86_64.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_2.0.6.4.x86_64.rpm
NetworkManager-devel-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_2.0.6.4.x86_64.rpm
NetworkManager-glib-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_2.0.6.4.x86_64.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_2.0.6.4.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_2.0.6.4.x86_64.rpm
NetworkManager-gnome-0.7.0-4.sl5_2.0.6.4.x86_64.rpm

SL 5.3

     SRPMS:
NetworkManager-0.7.0-4.sl5_3.src.rpm
     i386:
NetworkManager-0.7.0-4.sl5_3.i386.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_3.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_3.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_3.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_3.i386.rpm
NetworkManager-gnome-0.7.0-4.sl5_3.i386.rpm
     x86_64:
NetworkManager-0.7.0-4.sl5_3.i386.rpm
NetworkManager-0.7.0-4.sl5_3.x86_64.rpm
NetworkManager-debuginfo-0.7.0-4.sl5_3.x86_64.rpm
NetworkManager-devel-0.7.0-4.sl5_3.i386.rpm
NetworkManager-devel-0.7.0-4.sl5_3.x86_64.rpm
NetworkManager-glib-0.7.0-4.sl5_3.i386.rpm
NetworkManager-glib-0.7.0-4.sl5_3.x86_64.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_3.i386.rpm
NetworkManager-glib-devel-0.7.0-4.sl5_3.x86_64.rpm
NetworkManager-gnome-0.7.0-4.sl5_3.x86_64.rpm

Thank you for your patience.

Troy Dawson

Troy J Dawson wrote:
> Synopsis:	Moderate: NetworkManager security update
> Issue date:	2009-03-25
> CVE Names:	CVE-2009-0365 CVE-2009-0578
> 
> An information disclosure flaw was found in NetworkManager's D-Bus
> interface. A local attacker could leverage this flaw to discover 
> sensitive information, such as network connection passwords and 
> pre-shared keys. (CVE-2009-0365)
> 
> A potential denial of service flaw was found in NetworkManager's D-Bus
> interface. A local user could leverage this flaw to modify local 
> connection settings, preventing the system's network connection from 
> functioning properly. (CVE-2009-0578)
> 
> SL 4.x
> 
>       SRPMS:
> NetworkManager-0.3.1-5.el4.src.rpm
>       i386:
> NetworkManager-0.3.1-5.el4.i386.rpm
> NetworkManager-gnome-0.3.1-5.el4.i386.rpm
>       x86_64:
> NetworkManager-0.3.1-5.el4.x86_64.rpm
> NetworkManager-gnome-0.3.1-5.el4.x86_64.rpm
> 
> SL 5.x
> 
>       SRPMS:
> NetworkManager-0.7.0-4.el5_3.src.rpm
>       i386:
> NetworkManager-0.7.0-4.el5_3.i386.rpm
> NetworkManager-devel-0.7.0-4.el5_3.i386.rpm
> NetworkManager-glib-0.7.0-4.el5_3.i386.rpm
> NetworkManager-glib-devel-0.7.0-4.el5_3.i386.rpm
> NetworkManager-gnome-0.7.0-4.el5_3.i386.rpm
>       x86_64:
> NetworkManager-0.7.0-4.el5_3.i386.rpm
> NetworkManager-0.7.0-4.el5_3.x86_64.rpm
> NetworkManager-devel-0.7.0-4.el5_3.i386.rpm
> NetworkManager-devel-0.7.0-4.el5_3.x86_64.rpm
> NetworkManager-glib-0.7.0-4.el5_3.i386.rpm
> NetworkManager-glib-0.7.0-4.el5_3.x86_64.rpm
> NetworkManager-glib-devel-0.7.0-4.el5_3.i386.rpm
> NetworkManager-glib-devel-0.7.0-4.el5_3.x86_64.rpm
> NetworkManager-gnome-0.7.0-4.el5_3.x86_64.rpm
> 
> -Connie Sieh
> -Troy Dawson
> 
> 
> 
> 


-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI LMSS Group
__________________________________________________

ATOM RSS1 RSS2