public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
From: dkosovic <doug@uq.edu.au>
To: git-commits@fedoraproject.org
Subject: [rpms/NetworkManager-l2tp] epel10: Updated to 1.52.0 release
Date: Thu, 02 Jul 2026 12:55:23 GMT	[thread overview]
Message-ID: <178299692358.1.9644507221403293420.rpms-NetworkManager-l2tp-07029425980b@fedoraproject.org> (raw)

            A new commit has been pushed.

            Repo   : rpms/NetworkManager-l2tp
            Branch : epel10
            Commit : 07029425980be3c9709e775ce723ceeace6000dc
            Author : dkosovic <doug@uq.edu.au>
            Date   : 2026-01-11T13:37:17+10:00
            Stats  : +44/-6 in 3 file(s)
            URL    : https://src.fedoraproject.org/rpms/NetworkManager-l2tp/c/07029425980be3c9709e775ce723ceeace6000dc?branch=epel10

            Log:
            Updated to 1.52.0 release

  Verify file permissions for private connections to prevent unprivileged
  user from using other user's certs (CVE-2025-9615)
Ensure NetworkManager dependency has CVE-2025-9615 update.
Correct sed example in generated README.Fedora and README.EPEL files.

---
diff --git a/.gitignore b/.gitignore
index adf255f..c6a0826 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,3 +25,4 @@
 /NetworkManager-l2tp-1.20.14.tar.xz
 /NetworkManager-l2tp-1.20.16.tar.xz
 /NetworkManager-l2tp-1.20.20.tar.xz
+/NetworkManager-l2tp-1.52.0.tar.xz

diff --git a/NetworkManager-l2tp.spec b/NetworkManager-l2tp.spec
index 2fd4472..af4a85b 100644
--- a/NetworkManager-l2tp.spec
+++ b/NetworkManager-l2tp.spec
@@ -6,8 +6,8 @@
 
 Summary:   NetworkManager VPN plugin for L2TP and L2TP/IPsec
 Name:      NetworkManager-l2tp
-Version:   1.20.20
-Release:   5%{?dist}
+Version:   1.52.0
+Release:   1%{?dist}
 License:   GPL-2.0-or-later
 URL:       https://github.com/nm-l2tp/NetworkManager-l2tp
 Source:    https://github.com/nm-l2tp/NetworkManager-l2tp/releases/download/%{version}/%{name}-%{version}.tar.xz
@@ -18,7 +18,22 @@ BuildRequires: make
 BuildRequires: gcc
 BuildRequires: glib2-devel
 BuildRequires: gtk3-devel
-BuildRequires: NetworkManager-libnm-devel >= 1:1.20.0
+
+# Ensure using libnma-devel that has CVE-2025-9615 update
+%if 0%{?fedora} == 42
+BuildRequires: NetworkManager-libnm-devel >= 1:1.52.2
+%elif 0%{?fedora} == 43
+BuildRequires: NetworkManager-libnm-devel >= 1:1.54.3
+%elif 0%{?fedora} > 43
+BuildRequires: NetworkManager-libnm-devel >= 1:1.55.91
+%elif 0%{?rhel} == 9
+BuildRequires: NetworkManager-libnm-devel >= 1:1.54.3
+%elif 0%{?rhel} == 10
+BuildRequires: NetworkManager-libnm-devel >= 1:1.54.3
+%else
+BuildRequires: NetworkManager-libnm-devel >= 1:1.56.0
+%endif
+
 BuildRequires: libnma-devel >= 1.8.0
 BuildRequires: pkgconfig
 BuildRequires: ppp-devel >= 2.4.5
@@ -32,7 +47,22 @@ BuildRequires: libnma-gtk4-devel
 %endif
 
 Requires: dbus-common
-Requires: NetworkManager >= 1:1.20.0
+
+# Ensure NetworkManager dependency has CVE-2025-9615 update
+%if 0%{?fedora} == 42
+Requires: NetworkManager >= 1:1.52.2
+%elif 0%{?fedora} == 43
+Requires: NetworkManager >= 1:1.54.3
+%elif 0%{?fedora} > 43
+Requires: NetworkManager >= 1:1.55.91
+%elif 0%{?rhel} == 9
+BuildRequires: NetworkManager-libnm-devel >= 1:1.54.3
+%elif 0%{?rhel} == 10
+BuildRequires: NetworkManager-libnm-devel >= 1:1.54.3
+%else
+Requires: NetworkManager >= 1:1.56.0
+%endif
+
 Requires: ppp = %{ppp_version}
 %if 0%{?fedora} > 42
 # Note: go-l2tp is a package alias of golang-github-katalix-l2tp
@@ -136,7 +166,7 @@ IKEv1 is deprecated and disabled by default with Libreswan >= 5.0.
 You can re-enable IKEv1 by uncommenting the #ikev1-policy=accept line in
 /etc/ipsec.conf which can be achieved by running the following command:
 
-sudo sed -e 's/#ikev1-policy=accept/ikev1-policy=accept/' -i /etc/ipsec.conf
+sudo sed -e 's/#ikev1-policy=.*/ikev1-policy=accept/' -i /etc/ipsec.conf
 %endif
 
 EOF
@@ -174,6 +204,13 @@ exit 0
 %endif
 
 %changelog
+* Sun Jan 11 2026 Douglas Kosovic <doug@uq.edu.au> - 1.52.0-1
+- Updated to 1.52.0 release
+  Verify file permissions for private connections to prevent unprivileged
+  user from using other user's certs (CVE-2025-9615)
+- Ensure NetworkManager dependency has CVE-2025-9615 update.
+- Correct sed example in generated README.Fedora and README.EPEL files.
+
 * Wed Nov 12 2025 Douglas Kosovic <doug@uq.edu.au> - 1.20.20-5
 - Add README.Fedora for Fedora or README.EPEL for EPEL
 - Use (go-l2tp or xl2tpd) dependency for Fedora 43 to handle upgrades

diff --git a/sources b/sources
index cd7f39d..ee63bce 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (NetworkManager-l2tp-1.20.20.tar.xz) = 0f57382abf82a01fb0b2485ebc04fd264d0450f11597d2a45a5f60018c9701e22faf2b10ea13ba8b2ea2944a4d49a77bd6d7358bd1411e1b694d45f963d97b8d
+SHA512 (NetworkManager-l2tp-1.52.0.tar.xz) = 5fab4fa46864a69d4877002bfac0a52cdf53b9d3bc3ff3a1aed039c12ed24320248a85b9b14404f04a5f315141f634d30701afcf48051a206369846d3d0e7824

                 reply	other threads:[~2026-07-02 12:55 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=178299692358.1.9644507221403293420.rpms-NetworkManager-l2tp-07029425980b@fedoraproject.org \
    --to=doug@uq.edu.au \
    --cc=git-commits@fedoraproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox