Bug 27829

Summary: [Update Request] network manager security issue CVE-2020-10754
Product: Mageia Reporter: Zombie Ryushu <zombie_ryushu>
Component: RPM PackagesAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact:
Severity: normal    
Priority: Normal    
Version: 7   
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://nvd.nist.gov/vuln/detail/CVE-2020-10754
Whiteboard:
Source RPM: networkmanager-1.18.8-1.mga7.src CVE:
Status comment:

Description Zombie Ryushu 2020-12-15 13:51:51 CET 
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.
Comment 1 David Walser 2020-12-15 17:03:54 CET 
Already reported and FIXED!

*** This bug has been marked as a duplicate of bug 26713 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED