ESB-2017.1888 - [RedHat] NetworkManager and libnl3: Execute arbitrary code/commands - Remote with user interaction 2017-08-02

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.1888
         Moderate: NetworkManager and libnl3 security, bug fix and
                            enhancement update
                               2 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           NetworkManager
                   libnl3
Publisher:         Red Hat
Operating System:  Red Hat Enterprise Linux Server 7
                   Red Hat Enterprise Linux WS/Desktop 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-0553  

Reference:         ASB-2017.0032
                   ESB-2017.1530
                   ESB-2017.1426.2

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2017:2299

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: NetworkManager and libnl3 security, bug fix and enhancement update
Advisory ID:       RHSA-2017:2299-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:2299
Issue date:        2017-08-01
CVE Names:         CVE-2017-0553 
=====================================================================

1. Summary:

An update for NetworkManager, NetworkManager-libreswan, libnl3, and
network-manager-applet is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

NetworkManager is a system network service that manages network devices and
connections, attempting to keep active network connectivity when available.
Its capabilities include managing Ethernet, wireless, mobile broadband
(WWAN), and PPPoE devices, as well as providing VPN integration with a
variety of different VPN services.

The libnl3 packages contain a convenience library that simplifies using the
Linux kernel's Netlink sockets interface for network manipulation.

The following packages have been upgraded to a later upstream version:
NetworkManager (1.8.0), network-manager-applet (1.8.0). (BZ#1413312,
BZ#1414103, BZ#1441621)

Security Fix(es) in the libnl3 component:

* An integer overflow leading to a heap-buffer overflow was found in the
libnl library. An attacker could use this flaw to cause an application
compiled with libnl to crash or possibly execute arbitrary code in the
context of the user running such an application. (CVE-2017-0553)

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1231526 - nmcli slow with large numbers of VLANs
1256822 - [RFE] support ipv6 shared connections
1312359 - activating vlan on virtual device fails with: failed to determine interface name: error determine name for vlan
1344303 - hostnamectl set-hostname over-writes existing resolv.conf entries
1348198 - [RFE] cannot easily change active_slave
1349266 - NetworkManager adds extra options while bonding mode=6, which causes extra warning
1351263 - [review] lr/cli-ask-rh1351263: [RFE] allow passing -a to the end of nmcli command
1360386 - bond slaves of master which is slave of a bridge are sometimes not activated in installer
1367752 - startin team slave when master has invalid json config leads to infinite connecting state
1368353 - [NMCI] [abrt] [faf] NetworkManager: g_object_get_property(): /usr/bin/nmcli killed by 11
1369008 - Once NetworkManager is stopped, the ifcfg files it created via nmtui\cockpit are incompatible with initscripts, since MASTER=UUID instead of MASTER=device_name
1369380 - NetworkManager.service ignores commented 'ONBOOT=no # comment' lines in ifcfg
1369716 - Checkpoint/rollback improvements
1371126 - layer 2-only device is taken down when NetworkManager stops
1371433 - [RFE] Directly instruct NM to avoid controlling and monitoring a device.
1376199 - stalled eth1.80 vlan after restart and connection delete
1378418 - vlan device is down and lost ip once stopping NetworkManager
1380165 - [NMCI] just last address specified in novice mode is written into profile
1384937 - [NMCI] team activation timeout with incorrect setup
1386106 - NM fails to detect Red Hat VPN after first login
1388286 - Incorrect MAC address set on em1 after interface renaming
1388613 - [RFE] Allow setting the MTU of mobile broadband connections in NetworkManager
1391170 - nmcli should show output in non-pretty-printed form for parsing
1391477 - [bug] ifcfg-rh plugin fails to re-read valid connection 802-1x connection
1393853 - [NMCI] add team fails after clean install, NM service restart helps
1393997 - nmcli duplicates a connection  after a NetworkManager restart if DHCP_HOSTNAME is defined
1394334 - [RFE] Improve NetworkManager error handling
1394344 - [RFE] Improve Multihoming
1394345 - [RFE] Per-device connection checks
1394500 - NetworkManager doesn't honor ip address order
1394579 - improve handling of unmanaged/assumed devices
1398932 - [RFE] Create dummy-based connection
1398934 - [RFE] Recognize SRIOV PF and set its num_vfs
1404148 - NetworkManager assertion failure
1404594 - [RFE] Export DNS configuration via D-Bus
1404598 - [RFE] Split NetworkManager PPP support into a separate package
1405431 - NM changes /etc/resolv.conf even though there is PEERDNS=no in ifcfg-* files
1413312 - Fix default behavior for cloned-mac-address with rebase in rhel-7.4 after upstream change
1414103 - rebase NetworkManager package to new upstream version 1.8.x in rhel-7.4
1420244 - [abrt] [faf] NetworkManager: __strchr_sse42(): /usr/sbin/NetworkManager killed by 11
1420708 - Stable bond slaves ordering based on the device name
1421019 - platform-linux: kernel support for IFLA_INET6_ADDR_GEN_M ODE failed to detect; assume no support
1421429 - [RFE] Connection profile user data
1422610 - NM changes hostname to localhost.localdomain even though no devices are managed by it
1422786 - make insufficient permission errors more visible (especially in connection down)
1423490 - [dns] change behavior for rc-manager=symlink to keep /etc/resolv.conf as regular file instead of symlink
1424641 - Team MAC address changes after reboot or a down/up cycle
1425409 - add MASTER=dev when creating bond directly with slaves in nmtui
1425818 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1426748 - NM changes /etc/resolv.conf even though there is PEERDNS=no in ifcfg-* files part 2
1427482 - NetworkManager doesn't see vlan team-slaves after reboot
1432251 - [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 5
1433303 - NetworkManager leaks NMDevice objects for enslaved veth devices
1433883 - [NMCI] nmcli connection down broken
1434317 - Some buttons miss mnemonic character in nm-connection-editor tool
1434555 - Better handling of bonds with TYPE=Ethernet
1436600 - [NMCI] [abrt] [faf] NetworkManager: check_activated(): /usr/bin/nmcli killed by 11
1436601 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1436602 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1436770 - NetworkManager service restart is required after FirewallD package installation to get active zone
1436978 - [abrt] [faf] NetworkManager: raise(): /usr/sbin/NetworkManager killed by 5
1436990 - [NMCI] bring down connection with id exits with incorrect value
1436993 - [NMCI] nmcli segfault when entering editor for new connection
1437438 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/bin/nmcli killed by 11
1439118 - NetworkManager wrongly manages veth devices [rhel-7.4-alpha only]
1440077 - [NMCI] [abrt] [faf] NetworkManager: _g_log_abort(): /usr/sbin/NetworkManager killed by 5
1440087 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1440089 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 6
1440090 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 11
1440171 - [NMCI] wireless device unmanaged after clean install
1440623 - [NMCI] [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1440788 - CVE-2017-0553 libnl: Integer overflow in nlmsg_reserve()
1440957 - nmcli connection edit interactive is not working for bond-slave
1442064 - [NMCI] [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1443437 - Cannot send FQDN as DHCP client Host Name (Option 12)
1443878 - changes in NM assuming of devices causing regressions in Anaconda
1444374 - [NMCI] [abrt] [faf] NetworkManager: _g_log_abort(): /usr/sbin/NetworkManager killed by 5
1445414 - ifcfg: try to stay compatible with pykickstart
1446367 - New IPv6 DAD support lets activation without carrier hang indefinitely
1448165 - NetworkManager does not track ip configurations on managed, inactive devices
1448907 - [abrt] [faf] NetworkManager: g_logv(): /usr/sbin/NetworkManager killed by 5
1448987 - NM does not use new route when adding host route for DHCP server
1449296 - Connectivity checking timeout=0 does not disable connectivity checking
1450444 - NM wrongly delays startup complete with 'carrier wait'
1450459 - backport fix for possible crash in proxy code "nm-pacrunner-manacer.c"
1452062 - [NMCI] vlan_over_no_L3_bond_restart_persistence failed
1452585 - Preserve the old behavior of ordering slaves by ifindex by default
1452648 - (null) in old route syntaxt after calling nmcli modify ipv4.routes
1454385 - Bluetooth NAP doesn't work
1456362 - nmcli crashes when setting the 802-1x.password-raw property
1456826 - tui: fix crash during nmtui-connect
1456911 - Fix checking for valid VLan ID in NetworkManager connection
1457242 - manually added IPv6 route is removed when NM is running
1457909 - [NMCI] nm doesn't match bond connection and a device
1458399 - periodic connectivity checking broken in 1.8 (needs backport)
1458567 - nm-connection-editor crashes when editing an Ethernet connection with 802.1X security
1459579 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1459580 - [abrt] [faf] NetworkManager: unknown function(): /usr/sbin/NetworkManager killed by 5
1459604 - Failed assertion in NetworkManager when removing WWAN modem
1459813 - [NMCI] ipv4_keep_external_addresses failed
1459932 - NetworkManager: connectivity check fails on WWAN interface
1460219 - long device name is cut in nmcli summary
1460527 - Spurious device name in the output of nmcli device wifi subcommands
1460760 - Virtio-net interface MTU overwritten to 1500 bytes

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
NetworkManager-1.8.0-9.el7.src.rpm
NetworkManager-libreswan-1.2.4-2.el7.src.rpm
libnl3-3.2.28-4.el7.src.rpm
network-manager-applet-1.8.0-3.el7.src.rpm

x86_64:
NetworkManager-1.8.0-9.el7.x86_64.rpm
NetworkManager-adsl-1.8.0-9.el7.x86_64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.x86_64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-1.8.0-9.el7.i686.rpm
NetworkManager-glib-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-1.8.0-9.el7.x86_64.rpm
NetworkManager-libreswan-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.x86_64.rpm
NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm
NetworkManager-team-1.8.0-9.el7.x86_64.rpm
NetworkManager-tui-1.8.0-9.el7.x86_64.rpm
NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm
NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm
libnl3-3.2.28-4.el7.i686.rpm
libnl3-3.2.28-4.el7.x86_64.rpm
libnl3-cli-3.2.28-4.el7.i686.rpm
libnl3-cli-3.2.28-4.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnm-gtk-1.8.0-3.el7.i686.rpm
libnm-gtk-1.8.0-3.el7.x86_64.rpm
libnma-1.8.0-3.el7.i686.rpm
libnma-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm
nm-connection-editor-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

noarch:
NetworkManager-config-server-1.8.0-9.el7.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm

x86_64:
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm
NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnl3-devel-3.2.28-4.el7.i686.rpm
libnl3-devel-3.2.28-4.el7.x86_64.rpm
libnl3-doc-3.2.28-4.el7.x86_64.rpm
libnm-gtk-devel-1.8.0-3.el7.i686.rpm
libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm
libnma-devel-1.8.0-3.el7.i686.rpm
libnma-devel-1.8.0-3.el7.x86_64.rpm
network-manager-applet-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
NetworkManager-1.8.0-9.el7.src.rpm
libnl3-3.2.28-4.el7.src.rpm
network-manager-applet-1.8.0-3.el7.src.rpm

x86_64:
NetworkManager-1.8.0-9.el7.x86_64.rpm
NetworkManager-adsl-1.8.0-9.el7.x86_64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.x86_64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-1.8.0-9.el7.i686.rpm
NetworkManager-glib-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-1.8.0-9.el7.x86_64.rpm
NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm
NetworkManager-team-1.8.0-9.el7.x86_64.rpm
NetworkManager-tui-1.8.0-9.el7.x86_64.rpm
NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm
NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm
libnl3-3.2.28-4.el7.i686.rpm
libnl3-3.2.28-4.el7.x86_64.rpm
libnl3-cli-3.2.28-4.el7.i686.rpm
libnl3-cli-3.2.28-4.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnm-gtk-1.8.0-3.el7.i686.rpm
libnm-gtk-1.8.0-3.el7.x86_64.rpm
libnma-1.8.0-3.el7.i686.rpm
libnma-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm
nm-connection-editor-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

noarch:
NetworkManager-config-server-1.8.0-9.el7.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm

x86_64:
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm
NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnl3-devel-3.2.28-4.el7.i686.rpm
libnl3-devel-3.2.28-4.el7.x86_64.rpm
libnl3-doc-3.2.28-4.el7.x86_64.rpm
libnm-gtk-devel-1.8.0-3.el7.i686.rpm
libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm
libnma-devel-1.8.0-3.el7.i686.rpm
libnma-devel-1.8.0-3.el7.x86_64.rpm
network-manager-applet-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
NetworkManager-1.8.0-9.el7.src.rpm
NetworkManager-libreswan-1.2.4-2.el7.src.rpm
libnl3-3.2.28-4.el7.src.rpm
network-manager-applet-1.8.0-3.el7.src.rpm

aarch64:
NetworkManager-1.8.0-9.el7.aarch64.rpm
NetworkManager-adsl-1.8.0-9.el7.aarch64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.aarch64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.aarch64.rpm
NetworkManager-glib-1.8.0-9.el7.aarch64.rpm
NetworkManager-libnm-1.8.0-9.el7.aarch64.rpm
NetworkManager-libreswan-1.2.4-2.el7.aarch64.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.aarch64.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.aarch64.rpm
NetworkManager-ppp-1.8.0-9.el7.aarch64.rpm
NetworkManager-team-1.8.0-9.el7.aarch64.rpm
NetworkManager-tui-1.8.0-9.el7.aarch64.rpm
NetworkManager-wifi-1.8.0-9.el7.aarch64.rpm
NetworkManager-wwan-1.8.0-9.el7.aarch64.rpm
libnl3-3.2.28-4.el7.aarch64.rpm
libnl3-cli-3.2.28-4.el7.aarch64.rpm
libnl3-debuginfo-3.2.28-4.el7.aarch64.rpm
libnm-gtk-1.8.0-3.el7.aarch64.rpm
libnma-1.8.0-3.el7.aarch64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.aarch64.rpm
nm-connection-editor-1.8.0-3.el7.aarch64.rpm

noarch:
NetworkManager-config-server-1.8.0-9.el7.noarch.rpm

ppc64:
NetworkManager-1.8.0-9.el7.ppc64.rpm
NetworkManager-adsl-1.8.0-9.el7.ppc64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.ppc64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.ppc.rpm
NetworkManager-debuginfo-1.8.0-9.el7.ppc64.rpm
NetworkManager-glib-1.8.0-9.el7.ppc.rpm
NetworkManager-glib-1.8.0-9.el7.ppc64.rpm
NetworkManager-libnm-1.8.0-9.el7.ppc.rpm
NetworkManager-libnm-1.8.0-9.el7.ppc64.rpm
NetworkManager-libreswan-1.2.4-2.el7.ppc64.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.ppc64.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.ppc64.rpm
NetworkManager-ppp-1.8.0-9.el7.ppc64.rpm
NetworkManager-team-1.8.0-9.el7.ppc64.rpm
NetworkManager-tui-1.8.0-9.el7.ppc64.rpm
NetworkManager-wifi-1.8.0-9.el7.ppc64.rpm
NetworkManager-wwan-1.8.0-9.el7.ppc64.rpm
libnl3-3.2.28-4.el7.ppc.rpm
libnl3-3.2.28-4.el7.ppc64.rpm
libnl3-cli-3.2.28-4.el7.ppc.rpm
libnl3-cli-3.2.28-4.el7.ppc64.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc64.rpm
libnm-gtk-1.8.0-3.el7.ppc.rpm
libnm-gtk-1.8.0-3.el7.ppc64.rpm
libnma-1.8.0-3.el7.ppc.rpm
libnma-1.8.0-3.el7.ppc64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc64.rpm
nm-connection-editor-1.8.0-3.el7.ppc64.rpm

ppc64le:
NetworkManager-1.8.0-9.el7.ppc64le.rpm
NetworkManager-adsl-1.8.0-9.el7.ppc64le.rpm
NetworkManager-bluetooth-1.8.0-9.el7.ppc64le.rpm
NetworkManager-debuginfo-1.8.0-9.el7.ppc64le.rpm
NetworkManager-glib-1.8.0-9.el7.ppc64le.rpm
NetworkManager-libnm-1.8.0-9.el7.ppc64le.rpm
NetworkManager-libreswan-1.2.4-2.el7.ppc64le.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.ppc64le.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.ppc64le.rpm
NetworkManager-ppp-1.8.0-9.el7.ppc64le.rpm
NetworkManager-team-1.8.0-9.el7.ppc64le.rpm
NetworkManager-tui-1.8.0-9.el7.ppc64le.rpm
NetworkManager-wifi-1.8.0-9.el7.ppc64le.rpm
NetworkManager-wwan-1.8.0-9.el7.ppc64le.rpm
libnl3-3.2.28-4.el7.ppc64le.rpm
libnl3-cli-3.2.28-4.el7.ppc64le.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc64le.rpm
libnm-gtk-1.8.0-3.el7.ppc64le.rpm
libnma-1.8.0-3.el7.ppc64le.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc64le.rpm
nm-connection-editor-1.8.0-3.el7.ppc64le.rpm

s390x:
NetworkManager-1.8.0-9.el7.s390x.rpm
NetworkManager-bluetooth-1.8.0-9.el7.s390x.rpm
NetworkManager-debuginfo-1.8.0-9.el7.s390.rpm
NetworkManager-debuginfo-1.8.0-9.el7.s390x.rpm
NetworkManager-glib-1.8.0-9.el7.s390.rpm
NetworkManager-glib-1.8.0-9.el7.s390x.rpm
NetworkManager-libnm-1.8.0-9.el7.s390.rpm
NetworkManager-libnm-1.8.0-9.el7.s390x.rpm
NetworkManager-libreswan-1.2.4-2.el7.s390x.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.s390x.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.s390x.rpm
NetworkManager-ppp-1.8.0-9.el7.s390x.rpm
NetworkManager-team-1.8.0-9.el7.s390x.rpm
NetworkManager-tui-1.8.0-9.el7.s390x.rpm
NetworkManager-wifi-1.8.0-9.el7.s390x.rpm
NetworkManager-wwan-1.8.0-9.el7.s390x.rpm
libnl3-3.2.28-4.el7.s390.rpm
libnl3-3.2.28-4.el7.s390x.rpm
libnl3-cli-3.2.28-4.el7.s390.rpm
libnl3-cli-3.2.28-4.el7.s390x.rpm
libnl3-debuginfo-3.2.28-4.el7.s390.rpm
libnl3-debuginfo-3.2.28-4.el7.s390x.rpm
libnm-gtk-1.8.0-3.el7.s390.rpm
libnm-gtk-1.8.0-3.el7.s390x.rpm
libnma-1.8.0-3.el7.s390.rpm
libnma-1.8.0-3.el7.s390x.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.s390.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.s390x.rpm
nm-connection-editor-1.8.0-3.el7.s390x.rpm

x86_64:
NetworkManager-1.8.0-9.el7.x86_64.rpm
NetworkManager-adsl-1.8.0-9.el7.x86_64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.x86_64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-1.8.0-9.el7.i686.rpm
NetworkManager-glib-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-1.8.0-9.el7.x86_64.rpm
NetworkManager-libreswan-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.x86_64.rpm
NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm
NetworkManager-team-1.8.0-9.el7.x86_64.rpm
NetworkManager-tui-1.8.0-9.el7.x86_64.rpm
NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm
NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm
libnl3-3.2.28-4.el7.i686.rpm
libnl3-3.2.28-4.el7.x86_64.rpm
libnl3-cli-3.2.28-4.el7.i686.rpm
libnl3-cli-3.2.28-4.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnm-gtk-1.8.0-3.el7.i686.rpm
libnm-gtk-1.8.0-3.el7.x86_64.rpm
libnma-1.8.0-3.el7.i686.rpm
libnma-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm
nm-connection-editor-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

aarch64:
NetworkManager-debuginfo-1.8.0-9.el7.aarch64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.aarch64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.aarch64.rpm
libnl3-debuginfo-3.2.28-4.el7.aarch64.rpm
libnl3-devel-3.2.28-4.el7.aarch64.rpm
libnl3-doc-3.2.28-4.el7.aarch64.rpm
libnm-gtk-devel-1.8.0-3.el7.aarch64.rpm
libnma-devel-1.8.0-3.el7.aarch64.rpm
network-manager-applet-1.8.0-3.el7.aarch64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.aarch64.rpm

noarch:
NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm

ppc64:
NetworkManager-debuginfo-1.8.0-9.el7.ppc.rpm
NetworkManager-debuginfo-1.8.0-9.el7.ppc64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.ppc.rpm
NetworkManager-glib-devel-1.8.0-9.el7.ppc64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.ppc.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.ppc64.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc64.rpm
libnl3-devel-3.2.28-4.el7.ppc.rpm
libnl3-devel-3.2.28-4.el7.ppc64.rpm
libnl3-doc-3.2.28-4.el7.ppc64.rpm
libnm-gtk-devel-1.8.0-3.el7.ppc.rpm
libnm-gtk-devel-1.8.0-3.el7.ppc64.rpm
libnma-devel-1.8.0-3.el7.ppc.rpm
libnma-devel-1.8.0-3.el7.ppc64.rpm
network-manager-applet-1.8.0-3.el7.ppc64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc64.rpm

ppc64le:
NetworkManager-debuginfo-1.8.0-9.el7.ppc64le.rpm
NetworkManager-glib-devel-1.8.0-9.el7.ppc64le.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.ppc64le.rpm
libnl3-debuginfo-3.2.28-4.el7.ppc64le.rpm
libnl3-devel-3.2.28-4.el7.ppc64le.rpm
libnl3-doc-3.2.28-4.el7.ppc64le.rpm
libnm-gtk-devel-1.8.0-3.el7.ppc64le.rpm
libnma-devel-1.8.0-3.el7.ppc64le.rpm
network-manager-applet-1.8.0-3.el7.ppc64le.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.ppc64le.rpm

s390x:
NetworkManager-adsl-1.8.0-9.el7.s390x.rpm
NetworkManager-debuginfo-1.8.0-9.el7.s390.rpm
NetworkManager-debuginfo-1.8.0-9.el7.s390x.rpm
NetworkManager-glib-devel-1.8.0-9.el7.s390.rpm
NetworkManager-glib-devel-1.8.0-9.el7.s390x.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.s390.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.s390x.rpm
libnl3-debuginfo-3.2.28-4.el7.s390.rpm
libnl3-debuginfo-3.2.28-4.el7.s390x.rpm
libnl3-devel-3.2.28-4.el7.s390.rpm
libnl3-devel-3.2.28-4.el7.s390x.rpm
libnl3-doc-3.2.28-4.el7.s390x.rpm
libnm-gtk-devel-1.8.0-3.el7.s390.rpm
libnm-gtk-devel-1.8.0-3.el7.s390x.rpm
libnma-devel-1.8.0-3.el7.s390.rpm
libnma-devel-1.8.0-3.el7.s390x.rpm
network-manager-applet-1.8.0-3.el7.s390x.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.s390.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.s390x.rpm

x86_64:
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm
NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnl3-devel-3.2.28-4.el7.i686.rpm
libnl3-devel-3.2.28-4.el7.x86_64.rpm
libnl3-doc-3.2.28-4.el7.x86_64.rpm
libnm-gtk-devel-1.8.0-3.el7.i686.rpm
libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm
libnma-devel-1.8.0-3.el7.i686.rpm
libnma-devel-1.8.0-3.el7.x86_64.rpm
network-manager-applet-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
NetworkManager-1.8.0-9.el7.src.rpm
NetworkManager-libreswan-1.2.4-2.el7.src.rpm
libnl3-3.2.28-4.el7.src.rpm
network-manager-applet-1.8.0-3.el7.src.rpm

x86_64:
NetworkManager-1.8.0-9.el7.x86_64.rpm
NetworkManager-adsl-1.8.0-9.el7.x86_64.rpm
NetworkManager-bluetooth-1.8.0-9.el7.x86_64.rpm
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-1.8.0-9.el7.i686.rpm
NetworkManager-glib-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-1.8.0-9.el7.x86_64.rpm
NetworkManager-libreswan-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-debuginfo-1.2.4-2.el7.x86_64.rpm
NetworkManager-libreswan-gnome-1.2.4-2.el7.x86_64.rpm
NetworkManager-ppp-1.8.0-9.el7.x86_64.rpm
NetworkManager-team-1.8.0-9.el7.x86_64.rpm
NetworkManager-tui-1.8.0-9.el7.x86_64.rpm
NetworkManager-wifi-1.8.0-9.el7.x86_64.rpm
NetworkManager-wwan-1.8.0-9.el7.x86_64.rpm
libnl3-3.2.28-4.el7.i686.rpm
libnl3-3.2.28-4.el7.x86_64.rpm
libnl3-cli-3.2.28-4.el7.i686.rpm
libnl3-cli-3.2.28-4.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnm-gtk-1.8.0-3.el7.i686.rpm
libnm-gtk-1.8.0-3.el7.x86_64.rpm
libnma-1.8.0-3.el7.i686.rpm
libnma-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm
nm-connection-editor-1.8.0-3.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

noarch:
NetworkManager-config-server-1.8.0-9.el7.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.8.0-9.el7.noarch.rpm

x86_64:
NetworkManager-debuginfo-1.8.0-9.el7.i686.rpm
NetworkManager-debuginfo-1.8.0-9.el7.x86_64.rpm
NetworkManager-glib-devel-1.8.0-9.el7.i686.rpm
NetworkManager-glib-devel-1.8.0-9.el7.x86_64.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.i686.rpm
NetworkManager-libnm-devel-1.8.0-9.el7.x86_64.rpm
libnl3-debuginfo-3.2.28-4.el7.i686.rpm
libnl3-debuginfo-3.2.28-4.el7.x86_64.rpm
libnl3-devel-3.2.28-4.el7.i686.rpm
libnl3-devel-3.2.28-4.el7.x86_64.rpm
libnl3-doc-3.2.28-4.el7.x86_64.rpm
libnm-gtk-devel-1.8.0-3.el7.i686.rpm
libnm-gtk-devel-1.8.0-3.el7.x86_64.rpm
libnma-devel-1.8.0-3.el7.i686.rpm
libnma-devel-1.8.0-3.el7.x86_64.rpm
network-manager-applet-1.8.0-3.el7.x86_64.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.i686.rpm
network-manager-applet-debuginfo-1.8.0-3.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-0553
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZgEg3XlSAg2UNWIIRAkjpAJ9Un+idjyGpaGP1A2Yoox/fpan7SACfS0dn
9pjjLzEg4D1E5JXtoE7Owgc=
=Vh34
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWYFNbox+lLeg9Ub1AQhZCw/7BvKz0TXX5rF1vtEIL1Zs++Lg+nZVUSc5
Xm3VYk3OrzkWZ2lGbsxNEUHqBYM+NkUgSypOxDLzjlWhEmcp+ISwV/dX4eYkvwuM
nDal6DCH5lZg+cPgfPuZMcAbo0fvpKQY9HRTCRrY1tVfr+H9PedV+qxpNscP5rzV
GSaKphXAaWJphXQ7ytpCwGKnsuXPiLF0IXNrLKCAZUO70RFCpJCieC2Hl/6UlUxT
tQE9Nhht4z3fWtt5KwoxV+9m0dGdFYYMtOHJM9am/qKwFGAVyMuNcoh2Y5iimftJ
u3th2NuHLxgxYJeU0TU7ujqizqsPEPIOqv2x2dDTrekHdEQ5h66nOkYIMfPc43FS
1wsNMGvJF3H348p33kVqxSPRp/eBbGzPWkLR7z3nLs/zG9G1GDCZiDKkcf7oAo0n
QPj3ocXdEYKvEIfJ97PsZVfoAwFWagEjv/aJR0vJo1t9n15OlmOy2QzONttq5qr0
N1+Yr/eN3yyK7opPKt9KK9MiSWMVYiM5j25INCo/eNhlU2TvrR8PmKaDaK8vgnCt
0pqw3beMDklkD6pz8Z0PbF1vDZf2kGKnP9evOtNclQEP/YZAYCiTsZG3LMxfEEfx
uQUxcaDv3NLe1LTCmHv+RFrlRzmWTSgA/MUXA90mAOynZpwol5qkhuK8xqcPRBq4
XOIOW4BctdU=
=WVuf
-----END PGP SIGNATURE-----

« Back to bulletins