Package "netplan.io"
Name: |
netplan.io
|
Description: |
Declarative network configuration for various backends
|
Latest version: |
1.0-2ubuntu1.1 |
Release: |
noble (24.04) |
Level: |
security |
Repository: |
main |
Homepage: |
https://netplan.io/ |
Links
Download "netplan.io"
Other versions of "netplan.io" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
netplan.io (1.0-2ubuntu1.1) noble-security; urgency=medium
* SECURITY UPDATE: weak permissions on secret files, command injection
- d/p/lp2065738/0014-libnetplan-use-more-restrictive-file-permissions.patch:
Use more restrictive file permissions to prevent unprivileged users to
read sensitive data from back end files (LP: #2065738, #1987842)
- CVE-2022-4968
- d/p/lp2066258/0015-libnetplan-escape-control-characters.patch:
Escape control characters in the parser and double quotes in backend
files.
- d/p/lp2066258/0016-backends-escape-file-paths.patch:
Escape special characters in file paths.
- d/p/lp2066258/0017-backends-escape-semicolons-in-service-units.patch:
Escape isolated semicolons in systemd service units. (LP: #2066258)
* debian/netplan-generator.postinst: Add a postinst maintainer script to call
the generator. It's needed so the file permissions fixes will be applied
automatically, thanks to danilogondolfo
-- Sudhakar Verma <email address hidden> Tue, 25 Jun 2024 00:13:00 +0530
|
2065738 |
Leaks wireguard keys |
CVE-2022-4968 |
netplan leaks the private key of wireguard to local users. A security fix will be released soon. |
|
About
-
Send Feedback to @ubuntu_updates