NetworkManager-1.4.2-1.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10152 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z NetworkManager-1.4.2-1.2 on GA media These are all security issues fixed in the NetworkManager-1.4.2-1.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10152 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:10152 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2006-7246/ SUSE CVE CVE-2006-7246 page https://www.suse.com/security/cve/CVE-2015-2924/ SUSE CVE CVE-2015-2924 page https://www.suse.com/security/cve/CVE-2016-0764/ SUSE CVE CVE-2016-0764 page openSUSE Tumbleweed NetworkManager-1.4.2-1.2 NetworkManager-branding-upstream-1.4.2-1.2 NetworkManager-devel-1.4.2-1.2 NetworkManager-devel-32bit-1.4.2-1.2 NetworkManager-lang-1.4.2-1.2 libnm-glib-vpn1-1.4.2-1.2 libnm-glib-vpn1-32bit-1.4.2-1.2 libnm-glib4-1.4.2-1.2 libnm-glib4-32bit-1.4.2-1.2 libnm-util2-1.4.2-1.2 libnm-util2-32bit-1.4.2-1.2 libnm0-1.4.2-1.2 typelib-1_0-NM-1_0-1.4.2-1.2 typelib-1_0-NMClient-1_0-1.4.2-1.2 typelib-1_0-NetworkManager-1_0-1.4.2-1.2 NetworkManager-1.4.2-1.2 as a component of openSUSE Tumbleweed NetworkManager-branding-upstream-1.4.2-1.2 as a component of openSUSE Tumbleweed NetworkManager-devel-1.4.2-1.2 as a component of openSUSE Tumbleweed NetworkManager-devel-32bit-1.4.2-1.2 as a component of openSUSE Tumbleweed NetworkManager-lang-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-glib-vpn1-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-glib-vpn1-32bit-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-glib4-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-glib4-32bit-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-util2-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm-util2-32bit-1.4.2-1.2 as a component of openSUSE Tumbleweed libnm0-1.4.2-1.2 as a component of openSUSE Tumbleweed typelib-1_0-NM-1_0-1.4.2-1.2 as a component of openSUSE Tumbleweed typelib-1_0-NMClient-1_0-1.4.2-1.2 as a component of openSUSE Tumbleweed typelib-1_0-NetworkManager-1_0-1.4.2-1.2 as a component of openSUSE Tumbleweed NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used. CVE-2006-7246 openSUSE Tumbleweed:NetworkManager-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-branding-upstream-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-32bit-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-lang-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NM-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NMClient-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NetworkManager-1_0-1.4.2-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2006-7246.html CVE-2006-7246 https://bugzilla.suse.com/1047509 SUSE Bug 1047509 https://bugzilla.suse.com/1047511 SUSE Bug 1047511 https://bugzilla.suse.com/574266 SUSE Bug 574266 https://bugzilla.suse.com/777228 SUSE Bug 777228 The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message, a similar issue to CVE-2015-2922. CVE-2015-2924 openSUSE Tumbleweed:NetworkManager-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-branding-upstream-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-32bit-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-lang-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NM-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NMClient-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NetworkManager-1_0-1.4.2-1.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-2924.html CVE-2015-2924 https://bugzilla.suse.com/926223 SUSE Bug 926223 Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes. CVE-2016-0764 openSUSE Tumbleweed:NetworkManager-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-branding-upstream-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-devel-32bit-1.4.2-1.2 openSUSE Tumbleweed:NetworkManager-lang-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib-vpn1-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-1.4.2-1.2 openSUSE Tumbleweed:libnm-glib4-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-1.4.2-1.2 openSUSE Tumbleweed:libnm-util2-32bit-1.4.2-1.2 openSUSE Tumbleweed:libnm0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NM-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NMClient-1_0-1.4.2-1.2 openSUSE Tumbleweed:typelib-1_0-NetworkManager-1_0-1.4.2-1.2 moderate 2.4 AV:L/AC:H/Au:S/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0764.html CVE-2016-0764 https://bugzilla.suse.com/974072 SUSE Bug 974072