<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:arial,helvetica,sans-serif;font-size:18pt"><div><span style="color: rgb(0, 0, 255);"><span style="font-weight: bold;">Marc,<br><br>  Hey dude , thanks for the heads up, I appreciate it.  I love the simplicity and versatility of ubuntu, and its resistance to viral strains, thanks again,
 peace.<br>                                                                                                         a.g.<br></span></span></div><div style="font-family: arial,helvetica,sans-serif; font-size: 18pt;"><br><div style="font-family: arial,helvetica,sans-serif; font-size: 13px;"><font size="2" face="Tahoma"><hr size="1"><b><span style="font-weight: bold;">From:</span></b> Marc Deslauriers
 <marc.deslauriers@canonical.com><br><b><span style="font-weight: bold;">To:</span></b> ubuntu-security-announce@lists.ubuntu.com<br><b><span style="font-weight: bold;">Cc:</span></b> full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com<br><b><span style="font-weight: bold;">Sent:</span></b> Wed, January 13, 2010 9:39:58 AM<br><b><span style="font-weight: bold;">Subject:</span></b> [USN-883-1] network-manager-applet vulnerabilities<br></font><br>
===========================================================<br>Ubuntu Security Notice USN-883-1           January 13, 2010<br>network-manager-applet vulnerabilities<br>CVE-2009-4144, CVE-2009-4145<br>===========================================================<br><br>A security issue affects the following Ubuntu releases:<br><br>Ubuntu 8.10<br>Ubuntu 9.04<br><br>This advisory also applies to the corresponding versions of<br>Kubuntu, Edubuntu, and Xubuntu.<br><br>The problem can be corrected by upgrading your system to the<br>following package versions:<br><br>Ubuntu 8.10:<br>  network-manager-gnome           0.7~~svn20081020t000444-0ubuntu1.8.10.3<br><br>Ubuntu 9.04:<br>  network-manager-gnome           0.7.1~rc4.1-0ubuntu2.1<br><br>After a standard system upgrade you need to restart your session to effect<br>the necessary changes.<br><br>Details follow:<br><br>It was
 discovered that NetworkManager did not ensure that the Certification<br>Authority (CA) certificate file remained present when using WPA Enterprise<br>or 802.1x networks. A remote attacker could use this flaw to spoof the<br>identity of a wireless network and view sensitive information.<br>(CVE-2009-4144)<br><br>It was discovered that the connection editor GUI would incorrectly export<br>objects over D-Bus. A local user could read D-Bus signals to view other<br>users' network connection passwords and pre-shared keys. (CVE-2009-4145)<br><br><br>Updated packages for Ubuntu 8.10:<br><br>  Source archives:<br><br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3.diff.gz">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7~~svn20081020t000444-0ubuntu1.8.10.3.diff.gz</a></span><br>      Size/MD5:    52472 b82ebcb1945e432b7141c51500cf54d0<br><span>    <a target="_blank" href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3.dsc">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7~~svn20081020t000444-0ubuntu1.8.10.3.dsc</a></span><br>      Size/MD5:     1745 682f49446d481b1c47a9191a7e8863d0<br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7%7E%7Esvn20081020t000444.orig.tar.gz">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7~~svn20081020t000444.orig.tar.gz</a></span><br>      Size/MD5:   668729 af829714605058afb3cf77c5d419ae83<br><br>  amd64 architecture (Athlon64, Opteron, EM64T Xeon):<br><br><span>    <a target="_blank" href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3_amd64.deb">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_amd64.deb</a></span><br>      Size/MD5:   314590 93926fe52218799bb9582a9937625ebc<br><br>  i386 architecture (x86 compatible Intel/AMD):<br><br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3_i386.deb">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_i386.deb</a></span><br>      Size/MD5:   300692 e8130472fa267cd98d5696a660f7121b<br><br>  lpia architecture (Low Power Intel Architecture):<br><br><span>    <a target="_blank" href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3_lpia.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_lpia.deb</a></span><br>      Size/MD5:   299180 9b9c2a8e5577ede2474873c864dfb620<br><br>  powerpc architecture (Apple Macintosh G3/G4/G5):<br><br><span>    <a target="_blank"
 href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3_powerpc.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_powerpc.deb</a></span><br>      Size/MD5:   310850 051260d8bf82146f1533e10ec842db46<br><br>  sparc architecture (Sun SPARC/UltraSPARC):<br><br><span>    <a target="_blank" href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7%7E%7Esvn20081020t000444-0ubuntu1.8.10.3_sparc.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7~~svn20081020t000444-0ubuntu1.8.10.3_sparc.deb</a></span><br>      Size/MD5:   303226 0fcfffc3b7948a93d8c20a22a867b34e<br><br>Updated packages for Ubuntu 9.04:<br><br>  Source archives:<br><br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1%7Erc4.1-0ubuntu2.1.diff.gz">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1~rc4.1-0ubuntu2.1.diff.gz</a></span><br>      Size/MD5:    39587 f761e8d9cbe68d5ff1a1ef1f373d0855<br><span>    <a target="_blank" href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1%7Erc4.1-0ubuntu2.1.dsc">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1~rc4.1-0ubuntu2.1.dsc</a></span><br>      Size/MD5:     1621 83c06ab153587c3d3ece6ec8d27e8fa6<br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1%7Erc4.1.orig.tar.gz">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-applet_0.7.1~rc4.1.orig.tar.gz</a></span><br>      Size/MD5:   812190 85177fb4f930e731187ad1f811f07888<br><br>  amd64 architecture (Athlon64, Opteron, EM64T Xeon):<br><br><span>    <a target="_blank" href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1%7Erc4.1-0ubuntu2.1_amd64.deb">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_amd64.deb</a></span><br>      Size/MD5:   381524 c8a4ece54773441228662a1d8f0b78c0<br><br>  i386 architecture (x86 compatible Intel/AMD):<br><br><span>    <a target="_blank"
 href="http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1%7Erc4.1-0ubuntu2.1_i386.deb">http://security.ubuntu.com/ubuntu/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_i386.deb</a></span><br>      Size/MD5:   365622 13d6469d61d2323a6813e2ef763eccb2<br><br>  lpia architecture (Low Power Intel Architecture):<br><br><span>    <a target="_blank" href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1%7Erc4.1-0ubuntu2.1_lpia.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_lpia.deb</a></span><br>      Size/MD5:   362318 17f179f208b66b13320543e806f7aaed<br><br>  powerpc architecture (Apple Macintosh G3/G4/G5):<br><br><span>    <a target="_blank"
 href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1%7Erc4.1-0ubuntu2.1_powerpc.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_powerpc.deb</a></span><br>      Size/MD5:   375036 32034d9e9af5d92a8a8174a2684f1ce2<br><br>  sparc architecture (Sun SPARC/UltraSPARC):<br><br><span>    <a target="_blank" href="http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1%7Erc4.1-0ubuntu2.1_sparc.deb">http://ports.ubuntu.com/pool/main/n/network-manager-applet/network-manager-gnome_0.7.1~rc4.1-0ubuntu2.1_sparc.deb</a></span><br>      Size/MD5:   368592 95d9b33243243701ecf97145d473043e<br><br><br><br></div></div>
<!-- cg30.c4.mail.gq1.yahoo.com compressed/chunked Fri Jan 15 08:52:50 PST 2010 -->
</div><br>

      </body></html>