Fedora has issued an advisory today (June 1): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SI4LWYUPI7M6B24ABADK24T77VF65B4A/ The issue is fixed upstream in 1.18.8.
Status comment: (none) => Fixed upstream in 1.18.8
Assigning to wally as registered maintainer, CC'ing Olav who also does it.
CC: (none) => olavAssignee: bugsquad => jani.valimaa
Pushed networkmanager-1.18.8-1.mga7 to core/updates_testing. It also includes fixes for bug 26673.
Blocks: (none) => 26673
type: security subject: Updated networkmanager packages fix security vulnerability CVE: - CVE-2020-10754 src: 7: core: - networkmanager-1.18.8-1.mga7 - networkmanager-applet-1.8.24-1.mga7 - gnome-control-center-3.32.1-2.2.mga7 - gnome-shell-3.32.1-2.1.mga7 description: | It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely (CVE-2020-10754). The networkmanager package has been updated to version 1.18.8, fixing this issue and other bugs. Also, the networkmanager-applet package has been updated to version 1.8.24. It also adds support for connecting to WPA3 / SAE protected wireless networks. gnome-control-center and gnome-shell have been fixed to correctly identify the connections as WPA3. references: - https://bugs.mageia.org/show_bug.cgi?id=26673 - https://bugs.mageia.org/show_bug.cgi?id=26713 - https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/nm-1-18/NEWS - https://gitlab.gnome.org/GNOME/network-manager-applet/-/blob/1.8.24/NEWS - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SI4LWYUPI7M6B24ABADK24T77VF65B4A/
Status comment: Fixed upstream in 1.18.8 => (none)Assignee: jani.valimaa => qa-bugsCC: (none) => jani.valimaa
The networkmanager-applet, gnome-control-center, and gnome-shell stuff were already tested and OK'd in Bug 26673. For the networkmanager package itself, the full set of RPMs is: networkmanager-1.18.8-1.mga7 networkmanager-adsl-1.18.8-1.mga7 networkmanager-bluetooth-1.18.8-1.mga7 networkmanager-team-1.18.8-1.mga7 networkmanager-wifi-1.18.8-1.mga7 networkmanager-wwan-1.18.8-1.mga7 networkmanager-ppp-1.18.8-1.mga7 networkmanager-tui-1.18.8-1.mga7 libnm0-1.18.8-1.mga7 libnm-devel-1.18.8-1.mga7 libnm-util2-1.18.8-1.mga7 libnm-gir1.0-1.18.8-1.mga7 libnetworkmanager-gir1.0-1.18.8-1.mga7 libnm-util-devel-1.18.8-1.mga7 libnm-glib4-1.18.8-1.mga7 libnmclient-gir1.0-1.18.8-1.mga7 libnm-glib-devel-1.18.8-1.mga7 libnm-glib-vpn1-1.18.8-1.mga7 libnm-glib-vpn-devel-1.18.8-1.mga7
laptop a6 - wifi Jun 07 20:17:21 localhost drakrpm[17767]: transaction on / (remove=0, install=0, upgrade=50) Jun 07 20:17:25 localhost [RPM][17767]: install lib64nm-util2-1.18.8-1.mga7.x86_64: success Jun 07 20:17:26 localhost [RPM][17767]: install lib64nm-glib-vpn1-1.18.8-1.mga7.x86_64: success Jun 07 20:17:26 localhost [RPM][17767]: install tpm2-tss-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:27 localhost [RPM][17767]: install lib64tss2-mu0-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:28 localhost [RPM][17767]: install libmbim-utils-1.18.2-1.mga7.x86_64: success Jun 07 20:17:29 localhost [RPM][17767]: install lib64mbim-glib4-1.18.2-1.mga7.x86_64: success Jun 07 20:17:29 localhost [RPM][17767]: install mobile-broadband-provider-info-1:1.20190116-1.mga7.noarch: success Jun 07 20:17:29 localhost [RPM][17767]: install lib64nma0-1.8.24-1.mga7.x86_64: success Jun 07 20:17:30 localhost [RPM][17767]: install lib64unbound8-1.10.1-1.mga7.x86_64: success Jun 07 20:17:31 localhost [RPM][17767]: install vpnc-0.5.3-14.mga7.x86_64: success Jun 07 20:17:34 localhost [RPM][17767]: install unbound-1.10.1-1.mga7.x86_64: success Jun 07 20:17:34 localhost [RPM][17767]: install lib64qmi-glib5-1.22.2-1.mga7.x86_64: success Jun 07 20:17:35 localhost [RPM][17767]: install libqmi-utils-1.22.2-1.mga7.x86_64: success Jun 07 20:17:35 localhost [RPM][17767]: install lib64tss2-sys0-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:36 localhost [RPM][17767]: install lib64tss2-tcti-device0-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:36 localhost [RPM][17767]: install lib64tss2-tcti-mssim0-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:37 localhost [RPM][17767]: install lib64tss2-esys0-2.2.2-1.1.mga7.x86_64: success Jun 07 20:17:37 localhost [RPM][17767]: install lib64nm-glib4-1.18.8-1.mga7.x86_64: success Jun 07 20:17:38 localhost [RPM][17767]: install lib64nm-gtk0-1.8.24-1.mga7.x86_64: success Jun 07 20:17:40 localhost [RPM][17767]: install luit-1.1.1-10.mga7.x86_64: success Jun 07 20:17:41 localhost [RPM][17767]: install xterm-344-1.mga7.x86_64: success Jun 07 20:17:41 localhost [RPM][17767]: install lib64mm-glib0-1.10.0-1.mga7.x86_64: success Jun 07 20:17:42 localhost [RPM][17767]: install lib64tspi1-0.3.14-4.1.mga7.x86_64: success Jun 07 20:17:43 localhost [RPM][17767]: install lib64openconnect5-8.10-1.mga7.x86_64: success Jun 07 20:17:44 localhost [RPM][17767]: install openconnect-8.10-1.mga7.x86_64: success Jun 07 20:17:45 localhost [RPM][17767]: install networkmanager-openconnect-1.2.4-4.mga7.x86_64: success Jun 07 20:17:46 localhost [RPM][17767]: install lib64expect5.45.4-1:5.45.4-3.mga7.x86_64: success Jun 07 20:17:47 localhost [RPM][17767]: install expect-1:5.45.4-3.mga7.x86_64: success Jun 07 20:17:48 localhost [RPM][17767]: install perl-IPC-Signal-1.0.0-13.mga7.noarch: success Jun 07 20:17:48 localhost [RPM][17767]: install perl-Proc-WaitStat-1.0.0-14.mga7.noarch: success Jun 07 20:17:48 localhost [RPM][17767]: install perl-Authen-PAM-0.160.0-22.mga7.x86_64: success Jun 07 20:17:49 localhost [RPM][17767]: install lib64ndp0-1.6-3.mga7.x86_64: success --- rebooted Network tools I use are still functional and the system is connecting.
CC: (none) => brtians1
Whiteboard: (none) => MGA7-64-OK
Installed and set up network manager on a 64-bit Plasma install with both wired and wifi connections. Was able to switch back and forth with no problems. Using qarepo, I updated the packages from this bug, plus the additional packages from Bugs 26673 and 26674. All packages updated cleanly. Rebooted to make sure the new network manager was being used, and once again connections were stable and I was able to switch back and forth. Looks OK here. Validating. Advisory information in Comment 3 and, I guess, Comment 4.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0260.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED
*** Bug 27829 has been marked as a duplicate of this bug. ***
CC: (none) => zombie_ryushu