UbuntuUpdates.org

Package "netplan.io"

Name: netplan.io

Description:

Declarative network configuration for various backends
Latest version: 1.0-2ubuntu1.1
Release: noble (24.04)
Level: security
Repository: main
Homepage: https://netplan.io/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "netplan.io"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "netplan.io" in Noble

Repository Area Version
base main 1.0-2ubuntu1
updates main 1.0-2ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0-2ubuntu1.1 2024-06-26 17:07:28 UTC

  netplan.io (1.0-2ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: weak permissions on secret files, command injection
    - d/p/lp2065738/0014-libnetplan-use-more-restrictive-file-permissions.patch:
      Use more restrictive file permissions to prevent unprivileged users to
      read sensitive data from back end files (LP: #2065738, #1987842)
    - CVE-2022-4968
    - d/p/lp2066258/0015-libnetplan-escape-control-characters.patch:
      Escape control characters in the parser and double quotes in backend
      files.
    - d/p/lp2066258/0016-backends-escape-file-paths.patch:
      Escape special characters in file paths.
    - d/p/lp2066258/0017-backends-escape-semicolons-in-service-units.patch:
      Escape isolated semicolons in systemd service units. (LP: #2066258)
  * debian/netplan-generator.postinst: Add a postinst maintainer script to call
    the generator. It's needed so the file permissions fixes will be applied
    automatically, thanks to danilogondolfo

 -- Sudhakar Verma <email address hidden> Tue, 25 Jun 2024 00:13:00 +0530
2065738 Leaks wireguard keys
CVE-2022-4968 netplan leaks the private key of wireguard to local users. A security fix will be released soon.


About   -   Send Feedback to @ubuntu_updates