NetworkManager network-manager-applet 1.8.0 (CVE-2017-6590)

[Douglas R. Reno]

New minor versions.

I'll take this one, and put it on my ThinkPad. This'll include support for Mobile Broadband too thanks to the new 4G LTE card that I have purchased and will install tomorrow.

[Douglas R. Reno]

Taking these.

I'll get to at least gtk+-3.22.14 tomorrow, as well as at-spi2-*.

[bdubbs@…]

Milestone renamed

[bdubbs@…]

Milestone renamed

[Douglas R. Reno]

NetworkManager:

============================================
NetworkManager-1.8
Overview of changes since NetworkManager-1.6
============================================

This is a new stable release of NetworkManager.  Notable changes include:

* Default routes set by devices that failed connectivity checks are now
    penalized with a higher metric
* nmcli is now able to produce output more friendly for machine parsing
* The slaves available at the time a master connection is activated are
    enslaved in a stable order, making the automatic MAC address for Bonding
    devices more predictable.
* Hostname management is now more flexibly configured
* Support for additional route options (pref-src, src, tos, window, cwnd,
    initcwnd, initrwnd, mtu, lock-window, lock-cwnd, lock-initcwnd, lock-initrwnd,
    and lock-mtu).
* Fixed detection of EAP-FAST support in wpa_supplicant
* Support for handling PINs for PKCS#11 tokens as secrets
* GSM and CDMA connections now have a MTU property
* An option to disable selected TLS versions during EAP phase 1 authentication
* The 802.1x authentication timeout is now configurable to allow a faster
    fallback to other connections
* Persist managed state of device until reboot. This improves seamless take over
    of a previously managed device after restart of NetworkManager.
* Better handle devices that are externally managed by somebody else by
    consistently generating an in-memory connection to reflect the external
    state.
* Expose SRIOV capability of a device on D-Bus and support configuring the
    number of virtual functions via NetworkManager.conf.
* Support matching networking devices via new "driver:" device spec in
    NetworkManager.conf.
* Introduced support for creating and managing dummy links
* The teaming devices now support setting a hardcoded MAC address
* Settings of bonding devices can now be modified on-the-fly, without the
    need to reactivate a connection
* The failures to activate a connection now communicate better error
    responses to nmcli
* Dropped dependency on libgudev
* Reverse Path filtering is now disabled in multihoming configurations where
    it would interfere with legitimate network traffic
* libcurl is used instead of libsoup for connectivity checking, resulting in
    a smaller dependency footprint
* With DNS mode "rc-manager=symlink", don't write /etc/resolv.conf as
    a symlink if it already exists as a regular file.
* Support attaching user-data in form of key-value pairs to connection profiles.
* Fix accpeting fully qualified name for ipv4.dhcp-hostname setting.
* Make NetworkManager more forgiving to failure to change the MAC address during
    scanning.
* Many bug fixes and improvements

[Douglas R. Reno]

network-manager-applet

======================================================
network-manager-applet-1.8
Overview of changes since network-manager-applet-1.4.6
======================================================

This is a new stable release of network-manager-applet.  Notable changes include:

* Warn editor users if certificates have wrong SELinux labels
* Added a PKCS#11 capable certificate chooser to EAP-TLS
* Request Wi-Fi scan when showing the menu and update the scan
    result list dynamically.
* Prevent the use from opening a file open dialog if they don't have
    permission to edit connections (e.g. in the login manager session)
    (CVE-2017-6590)
* Fix broken libnma's pygobject library
* Add version macros to libnma.

Security flaw: CVE-2017-6590

[Douglas R. Reno]

Fixed at r18764