UbuntuUpdates.org

Package "libnetplan1"

Name: libnetplan1

Description:

Declarative network configuration runtime library

Latest version: 1.0.1-1ubuntu2~24.04.1
Release: noble (24.04)
Level: updates
Repository: main
Head package: netplan.io
Homepage: https://netplan.io/

Links


Download "libnetplan1"


Other versions of "libnetplan1" in Noble

Repository Area Version
base main 1.0-2ubuntu1
security main 1.0-2ubuntu1.2

Changelog

Version: 1.0.1-1ubuntu2~24.04.1 2024-08-21 18:07:07 UTC

  netplan.io (1.0.1-1ubuntu2~24.04.1) noble; urgency=medium

  * Backport netplan.io 1.0.1-1ubuntu2 to 24.04 (LP: #2074197):
    - sriov: accept setting the eswitch mode without VFs (LP: 2020409)
    - cli/sriov: refactoring
    - tests: use proper 0o600 file permissions in more places
    - doc: Adding missing 'watchfiles' dependency for Sphinx
    - doc: Minor fixes in lang. and mark-up in YAML reference
    - doc: Tutorial reorg & lang. + formatting improvements
    - networkd: add wait-online enumeration utils
    - generate: enable systemd-networkd-wait-online for non-optional interfaces
    - CLI:utils: Do not ask for daemon-reload password interactively
    - CLI:generate: call daemon-reload after (re-)generating services
    - wait-online: Do not block on loopback interface
    - generate: Do not touch wait-online, if we don't have any networkd NetDefs
    - wait-online: wait for existing interfaces only and downgrade operational
      state for interfaces without IP configuration
    - wait-online: account for DHCPv4/v6 addresses
    - wait-online: do not require virtual devices to be created already
    - wait-online: recognize that bridge/bond members will never gain
      link-local addresses
    - networkd:apply: Drop handling of legacy wpa@ instance units
    - wait-online: disabled wait-online for stable 1.0
    - test:integration: Try to improve test flakyness
    - autopkgtest: More fixes for flaky 'ethernets' test
    - Increase some test timeouts to account for slow (riscv64) buildds
    SECURITY UPDATE:
    - libnetplan: use more restrictive file permissions
      (Closes: #1072789, LP: 2065738, LP: 1987842)
    - CVE-2022-4968
    - libnetplan: escape control characters
    - backends: escape file paths
    - backends: escape semicolons in service units (LP: 2066258)
    Bug fixes:
    - cli: Fix logging setup when python-rich is not present
    - CI: fix DebCI case for no-change rebuilds
    - CI: adopt autopkgtest for 1.0-1 on 22.04
    - doc: Update README, move CODE_OF_CONDUCT
    - doc: fix en_GB spelling
    - CI: adopt snapd.patch for autopkgtest SRU (LP: 2051939)
    - parse-nm: add a workaround for the DoT DNS option (LP: 2055148)
    - CI: Install netplan-ci PPA
    - parse: don't remove datalist items during iteration
    - ATTN: parse/bonds: handle same primary in multiple bonds
    - parse/bonds: don't fail on primary reassignment
    - cli/sriov: set eswitch regardless of pcidev.vfs
    - doc: Fix wrong bonds.parameters.mode syntax in example
    - parse: fix redefinition of gateway(4|6)
    - doc:tutorial: fix whitespace formatting
    - util: fix potential NULL pointer assert
    - python: elements of __all__ must be strings
    - tests: fix diff test with iproute2 6.8
    - cli/generate: skip daemon_reload with --mapping
    - test: cleanup after wait_online test to fix DebCI
    - CI: fork spread to get !179 fixes
    - doc: Fix netplan-generate.md formatting !483
    - emitter: allow unicode characters in the emitter (LP: 2071652)
    - parse: do not escape all non-ascii bytes
  * d/t/control: 'diff' autopkgtest is not flaky anymore
  * d/patches: Drop patches, applied upstream
  * d/p/0002-CLI-apply-call-udevadm-trigger-using-action-add-Clos.patch:
    Update 'udevadm trigger' patch, using MOVE action (LP: 2071363)
  * d/p/0003-Revert-wait-online-disabled-wait-online-for-stable-1.patch:
    Fix wait-online via s-n-wait-online.service.d/10-netplan.
  * debian/netplan-generator.postinst: Add a postinst maintainer script to call
    the generator, so the file permissions fixes will be applied automatically.
  * d/libnetplan1.symbols:
    - Update for new internal wait-online symbol
    - Update for new (private) symbol
  * d/copyright: Update for 2024

 -- Danilo Egea Gondolfo <email address hidden> Wed, 17 Jul 2024 18:12:26 +0100

Source diff to previous version
2074197 [SRU] Backport netplan.io 1.0.1-1ubuntu2 to 24.04
1072789 netplan.io: CVE-2022-4968
CVE-2022-4968 netplan leaks the private key of wireguard to local users. A security fix will be released soon.

Version: 1.0-2ubuntu1.2 2024-06-28 23:07:30 UTC

  netplan.io (1.0-2ubuntu1.2) noble-security; urgency=medium

  * SECURITY REGRESSION: failure on systems without dbus
    - debian/netplan-generator.postinst: Don't call the generator if no
      networkd configuration file exists. (LP: #2071333)

 -- Sudhakar Verma <email address hidden> Fri, 28 Jun 2024 22:40:44 +0530

Source diff to previous version
2071333 netplan.io causes systemctl enable to fail on systems without dbus

Version: 1.0-2ubuntu1.1 2024-06-26 18:07:07 UTC

  netplan.io (1.0-2ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: weak permissions on secret files, command injection
    - d/p/lp2065738/0014-libnetplan-use-more-restrictive-file-permissions.patch:
      Use more restrictive file permissions to prevent unprivileged users to
      read sensitive data from back end files (LP: #2065738, #1987842)
    - CVE-2022-4968
    - d/p/lp2066258/0015-libnetplan-escape-control-characters.patch:
      Escape control characters in the parser and double quotes in backend
      files.
    - d/p/lp2066258/0016-backends-escape-file-paths.patch:
      Escape special characters in file paths.
    - d/p/lp2066258/0017-backends-escape-semicolons-in-service-units.patch:
      Escape isolated semicolons in systemd service units. (LP: #2066258)
  * debian/netplan-generator.postinst: Add a postinst maintainer script to call
    the generator. It's needed so the file permissions fixes will be applied
    automatically, thanks to danilogondolfo

 -- Sudhakar Verma <email address hidden> Tue, 25 Jun 2024 00:13:00 +0530

2065738 Leaks wireguard keys
CVE-2022-4968 netplan leaks the private key of wireguard to local users. A security fix will be released soon.



About   -   Send Feedback to @ubuntu_updates