"Ubuntu Security Notice USN-883-1 January 13, 2010
network-manager-applet vulnerabilities
CVE-2009-4144, CVE-2009-4145
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.10:
network-manager-gnome 0.7~~svn20081020t000444-0ubuntu1.8.10.3
Ubuntu 9.04:
network-manager-gnome 0.7.1~rc4.1-0ubuntu2.1
After a standard system upgrade you need to restart your session to effect
the necessary changes.
Details follow:
It was discovered that NetworkManager did not ensure that the Certification
Authority (CA) certificate file remained present when using WPA Enterprise
or 802.1x networks. A remote attacker could use this flaw to spoof the
identity of a wireless network and view sensitive information.
(CVE-2009-4144)
It was discovered that the connection editor GUI would incorrectly export
objects over D-Bus. A local user could read D-Bus signals to view other
users' network connection passwords and pre-shared keys. (CVE-2009-4145)
Updated packages for Ubuntu 8.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7~~svn20081020t000444-0ubuntu1.8.10.3.diff.gz
Size/MD5: 52472 b82ebcb1945e432b7141c51500cf54d0
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7~~svn20081020t000444-0ubuntu1.8.10.3.dsc
Size/MD5: 1745 682f49446d481b1c47a9191a7e8863d0
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7~~svn20081020t000444.orig.tar.gz
Size/MD5: 668729 af829714605058afb3cf77c5d419ae83
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_amd64.deb
Size/MD5: 314590 93926fe52218799bb9582a9937625ebc
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_i386.deb
Size/MD5: 300692 e8130472fa267cd98d5696a660f7121b
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_lpia.deb
Size/MD5: 299180 9b9c2a8e5577ede2474873c864dfb620
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_powerpc.deb
Size/MD5: 310850 051260d8bf82146f1533e10ec842db46
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_sparc.deb
Size/MD5: 303226 0fcfffc3b7948a93d8c20a22a867b34e
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7.1~rc4.1-0ubuntu2.1.diff.gz
Size/MD5: 39587 f761e8d9cbe68d5ff1a1ef1f373d0855
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7.1~rc4.1-0ubuntu2.1.dsc
Size/MD5: 1621 83c06ab153587c3d3ece6ec8d27e8fa6
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-applet_0.7.1~rc4.1.orig.tar.gz
Size/MD5: 812190 85177fb4f930e731187ad1f811f07888
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_amd64.deb
Size/MD5: 381524 c8a4ece54773441228662a1d8f0b78c0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/ne=
twork-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_i386.deb
Size/MD5: 365622 13d6469d61d2323a6813e2ef763eccb2
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7.1~rc4.1-0ubuntu2.1_lpia.deb
Size/MD5: 362318 17f179f208b66b13320543e806f7aaed
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7.1~rc4.1-0ubuntu2.1_powerpc.deb
Size/MD5: 375036 32034d9e9af5d92a8a8174a2684f1ce2
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-mana=
ger-gnome_0.7.1~rc4.1-0ubuntu2.1_sparc.deb
Size/MD5: 368592 95d9b33243243701ecf97145d473043e
--=-tmKdES3BYnRVUutW5bZ6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAktN6UsACgkQLMAs/0C4zNpHFACeLoeZHqgevwDDAAsAYrHtrX1D
cNgAnjE4dhHDm3nRNkZudA7PKiAMBhG1
=9X7n
-----END PGP SIGNATURE-----
"
USN-866-1: gnome-screensaver vulnerabilityAmy Winehouse kicks off at theatre-goers
This entry was posted
on 5:59 PM
.
Archives
-
▼
2010
(391)
-
▼
January
(47)
- USN-892-1: FUSE vulnerability
- DSA 1985-1: New sendmail packages fix SSL certific...
- DSA 1978-1: New phpgroupware packages fix several ...
- USN-890-4: PyXML vulnerabilities
- USN-890-3: Python 2.4 vulnerabilities
- DSA 1980-1: New ircd-hybrid/ircd-ratbox packages f...
- USN-890-1: Expat vulnerabilities
- RHSA-2010:0062-02 Moderate: bind security update
- RHSA-2010:0053-01 Important: kernel security and b...
- RHSA-2010:0061-02 Moderate: gzip security update
- DSA-1976-1: New dokuwiki packages fix several vuln...
- DSA-1975-1: Security Support for Debian 4.0 to be ...
- DSA 1974-1: New gzip packages fix arbitrary code e...
- DSA-1972-2: New audiofile packages fix buffer over...
- RHSA-2010:0054-01 Moderate: openssl security update
- RHSA-2010:0041-01 Important: kernel-rt security an...
- DSA-1972-1: New audiofile packages fix buffer over...
- USN-885-1: LibThai vulnerability
- GLSA 201001-06 aria2: Multiple vulnerabilities
- RHSA-2010:0046-01 Important: kernel security and b...
- USN-884-1: OpenSSL vulnerability
- USN-883-1: network-manager-applet vulnerabilities
- USN-886-1: Pidgin vulnerabilities
- DSA-1971-1: New libthai packages fix arbitrary cod...
- GLSA 201001-09 Ruby: Terminal Control Character I...
- RHSA-2010:0044-01 Important: pidgin security update
- RHSA-2010:0029-01 Critical: krb5 security update
- USN-885-1: Transmission vulnerabilities
- GLSA 201001-08 SquirrelMail: Multiple vulnerabili...
- RHSA-2010:0020-01 Important: kernel security update
- RHSA-2010:0038-01 Critical: acroread security update
- DSA-1969-1: New krb5 packages fix denial of service
- USN-878-1: Firefox 3.5 and Xulrunner 1.9.1 regression
- DSA 1968-1: New pdns-recursor packages fix potenti...
- RHSA-2010:0019-01 Important: kernel security update
- RHSA-2010:0018-01 Moderate: dbus security update
- USN-880-1: GIMP vulnerabilities
- USN-877-1: Firefox 3.0 and Xulrunner 1.9 regression
- DSA 1966-1: New horde3 packages fix cross-site scr...
- DSA-1965-1: New phpldapadmin packages fix remote f...
- GLSA 201001-03 PHP: Multiple vulnerabilities
- USN-879-1: Kerberos vulnerability
- RHSA-2010:0003-01 Moderate: gd security update
- RHSA-2010:0002-01 Moderate: PyXML security update
- GLSA 201001-01 NTP: Denial of Service
- GLSA 201001-02 Adobe Flash Player: Multiple vulne...
- DSA-1953-2: New expat packages fix regression
-
▼
January
(47)