{"id":"MGASA-2014-0560","summary":"Updated plasma-nm packages add openvpn certificate verification","details":"Updated plasma-applet-nm packages add OpenVPN option for server certificate \nverification\n\nPlasma-nm does not tell OpenVPN to perform server certificate verification. \nConsequently, anyone with the preshared key is able to perform a MITM attack by \nimpersonating the server.\n\nThis update add option to the OpenVPN plugin for server certificate verification.\n","modified":"2026-04-16T04:28:15.187587Z","published":"2014-12-31T12:28:04Z","references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0560.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14812"},{"type":"REPORT","url":"https://bugs.kde.org/show_bug.cgi?id=341069"},{"type":"WEB","url":"http://lwn.net/Vulnerabilities/626419"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146024.html"}],"affected":[{"package":{"name":"plasma-nm","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/plasma-nm?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.3.2-1.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0560.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}