* [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16
@ 2021-04-09 16:43 Fabrice Fontaine
2021-04-09 19:12 ` Peter Korsgaard
2021-04-25 6:47 ` Peter Korsgaard
0 siblings, 2 replies; 5+ messages in thread
From: Fabrice Fontaine @ 2021-04-09 16:43 UTC (permalink / raw)
To: buildroot
ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
property silently fails and a profile might accidentally not perform
any authentication (CVE-2020-10754).
Update indentation in hash file (two spaces)
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.22.16/NEWS
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/network-manager/network-manager.hash | 10 +++++-----
package/network-manager/network-manager.mk | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/package/network-manager/network-manager.hash b/package/network-manager/network-manager.hash
index 93a9b5017e..aef06dde2c 100644
--- a/package/network-manager/network-manager.hash
+++ b/package/network-manager/network-manager.hash
@@ -1,6 +1,6 @@
-# From https://download.gnome.org/sources/NetworkManager/1.20/NetworkManager-1.22.10.sha256sum
-sha256 2b29ccc1531ba7ebba95a97f40c22b963838e8b6833745efe8e6fb71fd8fca77 NetworkManager-1.22.10.tar.xz
+# From https://download.gnome.org/sources/NetworkManager/1.22/NetworkManager-1.22.16.sha256sum
+sha256 377aa053752eaa304b72c9906f9efcd9fbd5f7f6cb4cd4ad72425a68982cffc6 NetworkManager-1.22.16.tar.xz
# Locally computed
-sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
-sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
-sha256 f0543c137bc0eece552d42642d1bab31707ca3b3663d9c7a81ac3b270a4780e7 CONTRIBUTING
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
+sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
+sha256 f0543c137bc0eece552d42642d1bab31707ca3b3663d9c7a81ac3b270a4780e7 CONTRIBUTING
diff --git a/package/network-manager/network-manager.mk b/package/network-manager/network-manager.mk
index 9402564cb4..607c2b402b 100644
--- a/package/network-manager/network-manager.mk
+++ b/package/network-manager/network-manager.mk
@@ -5,7 +5,7 @@
################################################################################
NETWORK_MANAGER_VERSION_MAJOR = 1.22
-NETWORK_MANAGER_VERSION = $(NETWORK_MANAGER_VERSION_MAJOR).10
+NETWORK_MANAGER_VERSION = $(NETWORK_MANAGER_VERSION_MAJOR).16
NETWORK_MANAGER_SOURCE = NetworkManager-$(NETWORK_MANAGER_VERSION).tar.xz
NETWORK_MANAGER_SITE = https://download.gnome.org/sources/NetworkManager/$(NETWORK_MANAGER_VERSION_MAJOR)
NETWORK_MANAGER_INSTALL_STAGING = YES
--
2.30.2
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16
2021-04-09 16:43 [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16 Fabrice Fontaine
@ 2021-04-09 19:12 ` Peter Korsgaard
2021-04-09 21:10 ` Fabrice Fontaine
2021-04-25 6:47 ` Peter Korsgaard
1 sibling, 1 reply; 5+ messages in thread
From: Peter Korsgaard @ 2021-04-09 19:12 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
> property silently fails and a profile might accidentally not perform
> any authentication (CVE-2020-10754).
ifcfg-rh sounds like something specific to Redhat distributions? I guess
it isn't used in Buildroot?
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16
2021-04-09 19:12 ` Peter Korsgaard
@ 2021-04-09 21:10 ` Fabrice Fontaine
2021-04-09 21:32 ` Peter Korsgaard
0 siblings, 1 reply; 5+ messages in thread
From: Fabrice Fontaine @ 2021-04-09 21:10 UTC (permalink / raw)
To: buildroot
Dear Peter,
Le ven. 9 avr. 2021 ? 21:13, Peter Korsgaard <peter@korsgaard.com> a ?crit :
>
> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
>
> > ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
> > property silently fails and a profile might accidentally not perform
> > any authentication (CVE-2020-10754).
>
> ifcfg-rh sounds like something specific to Redhat distributions? I guess
> it isn't used in Buildroot?
Indeed, the "security" part should probably be dropped from this bump.
>
> --
> Bye, Peter Korsgaard
Best Regards,
Fabrice
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16
2021-04-09 21:10 ` Fabrice Fontaine
@ 2021-04-09 21:32 ` Peter Korsgaard
0 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2021-04-09 21:32 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> Dear Peter,
> Le ven. 9 avr. 2021 ? 21:13, Peter Korsgaard <peter@korsgaard.com> a ?crit :
>>
>> >>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
>>
>> > ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
>> > property silently fails and a profile might accidentally not perform
>> > any authentication (CVE-2020-10754).
>>
>> ifcfg-rh sounds like something specific to Redhat distributions? I guess
>> it isn't used in Buildroot?
> Indeed, the "security" part should probably be dropped from this bump.
OK. Committed after updating the commit message to clarify this, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16
2021-04-09 16:43 [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16 Fabrice Fontaine
2021-04-09 19:12 ` Peter Korsgaard
@ 2021-04-25 6:47 ` Peter Korsgaard
1 sibling, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2021-04-25 6:47 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this
> property silently fails and a profile might accidentally not perform
> any authentication (CVE-2020-10754).
> Update indentation in hash file (two spaces)
> https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/1.22.16/NEWS
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2021.02.x given the fixes, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-04-25 6:47 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-09 16:43 [Buildroot] [PATCH 1/1] package/network-manager: security bump to version 1.22.16 Fabrice Fontaine
2021-04-09 19:12 ` Peter Korsgaard
2021-04-09 21:10 ` Fabrice Fontaine
2021-04-09 21:32 ` Peter Korsgaard
2021-04-25 6:47 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.