ALSA-2021:4361

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/8/ALSA-2021-4361.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:4361.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2021:4361

Related

CVE-2020-13529

Published

2021-11-09T09:11:14Z

Modified

2021-11-12T10:21:01Z

Summary

Moderate: NetworkManager security, bug fix, and enhancement update

Details

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services.

The following packages have been upgraded to a later upstream version: NetworkManager (1.32.10). (BZ#1934465)

Security Fix(es):

systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured (CVE-2020-13529)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

https://vulners.com/cve/CVE-2020-13529

Affected packages

AlmaLinux:8 / NetworkManager-cloud-setup

Package

Name: NetworkManager-cloud-setup

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.32.10-4.el8

AlmaLinux:8 / NetworkManager-libnm-devel

Package

Name: NetworkManager-libnm-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.32.10-4.el8