Mailinglist Archive: opensuse-updates (41 mails)

< Previous Next >
openSUSE-SU-2012:0101-1: moderate: NetworkManager-gnome
openSUSE Security Update: NetworkManager-gnome

Announcement ID: openSUSE-SU-2012:0101-1
Rating: moderate
References: #574266 #732700
Affected Products:
openSUSE 11.4
openSUSE 11.3

An update that contains security fixes can now be installed.


NetworkManager did not pin a certificate's subject to an
ESSID. A rogue access point could therefore be used to
conduct MITM attacks by using any other valid certificate
issued by same CA as used in the original network

Please note that existing WPA2 Enterprise connections need
to be deleted and re-created to take advantage of the new
security checks.

This is a re-release of the previous update to also enable
the checks for EAP-TLS.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch NetworkManager-gnome-5627

- openSUSE 11.3:

zypper in -t patch NetworkManager-gnome-5627

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (i586 x86_64):


- openSUSE 11.4 (noarch):


- openSUSE 11.3 (i586 x86_64):



< Previous Next >
This Thread
  • No further messages