Skip to navigation

Security Advisory Moderate: NetworkManager security update

Advisory: RHSA-2010:0108-1
Type: Security Advisory
Severity: Moderate
Issued on: 2010-02-16
Last updated on: 2010-02-16
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
CVEs (cve.mitre.org): CVE-2009-4144
CVE-2009-4145

Details

Updated NetworkManager packages that fix two security issues are now
available for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

NetworkManager is a network link manager that attempts to keep a wired or
wireless network connection active at all times.

A missing network certificate verification flaw was found in
NetworkManager. If a user created a WPA Enterprise or 802.1x wireless
network connection that was verified using a Certificate Authority (CA)
certificate, and then later removed that CA certificate file,
NetworkManager failed to verify the identity of the network on the
following connection attempts. In these situations, a malicious wireless
network spoofing the original network could trick a user into disclosing
authentication credentials or communicating over an untrusted network.
(CVE-2009-4144)

An information disclosure flaw was found in NetworkManager's
nm-connection-editor D-Bus interface. If a user edited network connection
options using nm-connection-editor, a summary of those changes was
broadcasted over the D-Bus message bus, possibly disclosing sensitive
information (such as wireless network authentication credentials) to other
local users. (CVE-2009-4145)

Users of NetworkManager should upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
NetworkManager-0.7.0-9.el5_4.src.rpm
File outdated by:  RHBA-2011:1023
    MD5: 78eb57aa85b1f83f932ec5b1d080473e
 
IA-32:
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: d739d50e2da2f2f79c8e6204a9f28c3f
 
x86_64:
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-devel-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 6be07753b920c923e0226793f2f43ab4
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: d739d50e2da2f2f79c8e6204a9f28c3f
NetworkManager-glib-devel-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: b92df0f502cfd373fd2eb5566d2bac59
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
NetworkManager-0.7.0-9.el5_4.src.rpm
File outdated by:  RHBA-2011:1023
    MD5: 78eb57aa85b1f83f932ec5b1d080473e
 
IA-32:
NetworkManager-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: d739d50e2da2f2f79c8e6204a9f28c3f
NetworkManager-gnome-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: af3856759630add06ddff3213ced3a7e
 
IA-64:
NetworkManager-0.7.0-9.el5_4.ia64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 3d42e0071d8ff99b9c096965b9d916bf
NetworkManager-devel-0.7.0-9.el5_4.ia64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 6035ac6c86b724bf228576b07781919c
NetworkManager-glib-0.7.0-9.el5_4.ia64.rpm
File outdated by:  RHBA-2011:1023
    MD5: ecf0bca149b16e8b9fc9c13afd6923f2
NetworkManager-glib-devel-0.7.0-9.el5_4.ia64.rpm
File outdated by:  RHBA-2011:1023
    MD5: aa49b535888e50290da235b905ea09bb
NetworkManager-gnome-0.7.0-9.el5_4.ia64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 437ca7fc92156fddde6f8d8bd387e255
 
PPC:
NetworkManager-0.7.0-9.el5_4.ppc.rpm
File outdated by:  RHBA-2011:1023
    MD5: 3a50a0e18161095229242ab5b0582e08
NetworkManager-0.7.0-9.el5_4.ppc64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 3101cc6f4fb12c27099a7ffb213bba32
NetworkManager-devel-0.7.0-9.el5_4.ppc.rpm
File outdated by:  RHBA-2011:1023
    MD5: 456052e959d913283213f4e79a526717
NetworkManager-devel-0.7.0-9.el5_4.ppc64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 650d745d903f3e2eab45249845176d7d
NetworkManager-glib-0.7.0-9.el5_4.ppc.rpm
File outdated by:  RHBA-2011:1023
    MD5: 6572ef7ceb6d8ba575df371dd635885f
NetworkManager-glib-0.7.0-9.el5_4.ppc64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 15a1aa8d30acfc1896f9f78ccf043fef
NetworkManager-glib-devel-0.7.0-9.el5_4.ppc.rpm
File outdated by:  RHBA-2011:1023
    MD5: b770420ea01c54dfaab3bd0eb3b2625c
NetworkManager-glib-devel-0.7.0-9.el5_4.ppc64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 8c35e64f18c74936e35febd9c896b941
NetworkManager-gnome-0.7.0-9.el5_4.ppc.rpm
File outdated by:  RHBA-2011:1023
    MD5: 099dc8965c0acf6b573856834dcd7366
 
x86_64:
NetworkManager-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: a47f14aab62734da1950634623eb233b
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-devel-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 6be07753b920c923e0226793f2f43ab4
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-glib-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4a7c7971edb0d89a54c0153c541d7c38
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: d739d50e2da2f2f79c8e6204a9f28c3f
NetworkManager-glib-devel-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: b92df0f502cfd373fd2eb5566d2bac59
NetworkManager-gnome-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 7dbb171a10bf5acec26f7214d5f26a5c
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
NetworkManager-0.7.0-9.el5_4.src.rpm
File outdated by:  RHBA-2011:1023
    MD5: 78eb57aa85b1f83f932ec5b1d080473e
 
IA-32:
NetworkManager-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-gnome-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: af3856759630add06ddff3213ced3a7e
 
x86_64:
NetworkManager-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: a47f14aab62734da1950634623eb233b
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm
File outdated by:  RHBA-2011:1023
    MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-glib-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 4a7c7971edb0d89a54c0153c541d7c38
NetworkManager-gnome-0.7.0-9.el5_4.x86_64.rpm
File outdated by:  RHBA-2011:1023
    MD5: 7dbb171a10bf5acec26f7214d5f26a5c
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
NetworkManager-0.7.0-9.el5_4.src.rpm
File outdated by:  RHBA-2011:1023
    MD5: 78eb57aa85b1f83f932ec5b1d080473e
 
IA-32:
NetworkManager-0.7.0-9.el5_4.i386.rpm     MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm     MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm     MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm     MD5: d739d50e2da2f2f79c8e6204a9f28c3f
NetworkManager-gnome-0.7.0-9.el5_4.i386.rpm     MD5: af3856759630add06ddff3213ced3a7e
 
IA-64:
NetworkManager-0.7.0-9.el5_4.ia64.rpm     MD5: 3d42e0071d8ff99b9c096965b9d916bf
NetworkManager-devel-0.7.0-9.el5_4.ia64.rpm     MD5: 6035ac6c86b724bf228576b07781919c
NetworkManager-glib-0.7.0-9.el5_4.ia64.rpm     MD5: ecf0bca149b16e8b9fc9c13afd6923f2
NetworkManager-glib-devel-0.7.0-9.el5_4.ia64.rpm     MD5: aa49b535888e50290da235b905ea09bb
NetworkManager-gnome-0.7.0-9.el5_4.ia64.rpm     MD5: 437ca7fc92156fddde6f8d8bd387e255
 
PPC:
NetworkManager-0.7.0-9.el5_4.ppc.rpm     MD5: 3a50a0e18161095229242ab5b0582e08
NetworkManager-0.7.0-9.el5_4.ppc64.rpm     MD5: 3101cc6f4fb12c27099a7ffb213bba32
NetworkManager-devel-0.7.0-9.el5_4.ppc.rpm     MD5: 456052e959d913283213f4e79a526717
NetworkManager-devel-0.7.0-9.el5_4.ppc64.rpm     MD5: 650d745d903f3e2eab45249845176d7d
NetworkManager-glib-0.7.0-9.el5_4.ppc.rpm     MD5: 6572ef7ceb6d8ba575df371dd635885f
NetworkManager-glib-0.7.0-9.el5_4.ppc64.rpm     MD5: 15a1aa8d30acfc1896f9f78ccf043fef
NetworkManager-glib-devel-0.7.0-9.el5_4.ppc.rpm     MD5: b770420ea01c54dfaab3bd0eb3b2625c
NetworkManager-glib-devel-0.7.0-9.el5_4.ppc64.rpm     MD5: 8c35e64f18c74936e35febd9c896b941
NetworkManager-gnome-0.7.0-9.el5_4.ppc.rpm     MD5: 099dc8965c0acf6b573856834dcd7366
 
x86_64:
NetworkManager-0.7.0-9.el5_4.i386.rpm     MD5: 172a4e5039d97d93a3059d5e00b747e9
NetworkManager-0.7.0-9.el5_4.x86_64.rpm     MD5: a47f14aab62734da1950634623eb233b
NetworkManager-devel-0.7.0-9.el5_4.i386.rpm     MD5: 4cba6d24890965dc0ae2d33278d72124
NetworkManager-devel-0.7.0-9.el5_4.x86_64.rpm     MD5: 6be07753b920c923e0226793f2f43ab4
NetworkManager-glib-0.7.0-9.el5_4.i386.rpm     MD5: b66d2eb764a46e5ea945f52605fa7257
NetworkManager-glib-0.7.0-9.el5_4.x86_64.rpm     MD5: 4a7c7971edb0d89a54c0153c541d7c38
NetworkManager-glib-devel-0.7.0-9.el5_4.i386.rpm     MD5: d739d50e2da2f2f79c8e6204a9f28c3f
NetworkManager-glib-devel-0.7.0-9.el5_4.x86_64.rpm     MD5: b92df0f502cfd373fd2eb5566d2bac59
NetworkManager-gnome-0.7.0-9.el5_4.x86_64.rpm     MD5: 7dbb171a10bf5acec26f7214d5f26a5c
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

546117 - CVE-2009-4145 NetworkManager: information disclosure by nm-connection-editor
546795 - CVE-2009-4144 NetworkManager: WPA enterprise network not verified when certificate is removed


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/