Table of Contents
Advertisement
* running netstat with the "-o" switch adds information about working TCP timers to the command
ouput. TCP timers for a connection can include "on", "off", "keepalive" and "timewait". When network
load is very high (ie when the TCP Window Size is zero) the probe timer should be listed. Previously,
however, "unkn-4" was presented instead. With this update, if the probe timer is working in the kernel,
it will now, correctly, be listed in the output of "netstat -o".
* when setting the MULTICAST mode on and off, ifconfig was showing an unnecessary "Warning:
Interface [interface name] still in ALLMULTI mode." message. With this update, the message no longer
1510
presents.
(BZ#477876
* a fixed length, 1024 byte buffer in the statistics.c:process_fd() function caused "netstat -s" to fail with
a "error parsing /proc/net/netstat: Success" error. The buffer has been increased to 2048 bytes and the
command now displays summary statistics for each protocol as expected.
All net-tools users should install this updated package, which makes these corrections and addresses
these issues.
1.131. NetworkManager
1.131.1. RHSA-2010:0108: Moderate security update
Important
This update has already been released (prior to the GA of this release) as the security
RHSA-2010:0108
errata
Updated NetworkManager packages that fix two security issues are now available for Red Hat
Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red Hat Security Response
Team.
NetworkManager is a network link manager that attempts to keep a wired or wireless network
connection active at all times.
A missing network certificate verification flaw was found in NetworkManager. If a user created a
WPA Enterprise or 802.1x wireless network connection that was verified using a Certificate Authority
(CA) certificate, and then later removed that CA certificate file, NetworkManager failed to verify the
identity of the network on the following connection attempts. In these situations, a malicious wireless
network spoofing the original network could trick a user into disclosing authentication credentials or
communicating over an untrusted network.
An information disclosure flaw was found in NetworkManager's nm-connection-editor D-Bus interface.
If a user edited network connection options using nm-connection-editor, a summary of those changes
was broadcasted over the D-Bus message bus, possibly disclosing sensitive information (such as
wireless network authentication credentials) to other local users.
1509
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=466845
1510
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=477876
1511
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=493314
1513
https://www.redhat.com/security/data/cve/CVE-2009-4144.html
1514
https://www.redhat.com/security/data/cve/CVE-2009-4145.html
)
1512
(CVE-2009-4144
1509
(BZ#466845
)
(BZ#493314
1513
)
(CVE-2009-4145
NetworkManager
1511
)
1514
)
179
Advertisement
Table of Contents
