Description
ELSA-2015-1287: freeradius security, bug fix, and enhancement update (MODERATE)
[2.2.6-4]
- Move OpenSSL init out of version check
  Resolves: Bug#1189394 radiusd segfaults after update
- Comment-out ippool-dhcp.conf inclusion
  Resolves: Bug#1189386 radiusd fails to start after 'clean' installation
[2.2.6-3]
- Disable OpenSSL version check
  Resolves: Bug#1189011
[2.2.6-2]
- Fix a number of new Coverity errors and compiler warnings.
  Resolves: Bug#1188598
[2.2.6-1]
- Upgrade to the latest upstream release v2.2.6
  Resolves: Bug#921563 raddebug not working correctly
  Resolves: Bug#921567 raddebug -t 0 exists immediately
  Resolves: Bug#1060319 MSCHAP Authentication is not working using automatic windows user credentials
  Resolves: Bug#1078736 Rebase FreeRADIUS to 2.2.4
  Resolves: Bug#1135439 Default message digest defaults to sha1
  Resolves: Bug#1142669 EAP-TLS and OCSP validation causing segmentation fault
  Resolves: Bug#1173388 dictionary.mikrotik missing Attributes
- Remove radutmp rotation
  Resolves: Bug#904578 radutmp should not rotate
- Check for start_servers not exceeding max_servers
  Resolves: Bug#1146828 radiusd silently fails when start_servers is higher than max_servers
Updated packages
Oracle Linux 6

Oracle Linux x86_64
freeradius             2.2.6-4.el6
freeradius-krb5        2.2.6-4.el6
freeradius-ldap        2.2.6-4.el6
freeradius-mysql       2.2.6-4.el6
freeradius-perl        2.2.6-4.el6
freeradius-postgresql  2.2.6-4.el6
freeradius-python      2.2.6-4.el6
freeradius-unixODBC    2.2.6-4.el6
freeradius-utils       2.2.6-4.el6

Oracle Linux i686
freeradius             2.2.6-4.el6
freeradius-krb5        2.2.6-4.el6
freeradius-ldap        2.2.6-4.el6
freeradius-mysql       2.2.6-4.el6
freeradius-perl        2.2.6-4.el6
freeradius-postgresql  2.2.6-4.el6
freeradius-python      2.2.6-4.el6
freeradius-unixODBC    2.2.6-4.el6
freeradius-utils       2.2.6-4.el6
Related CVEs
Related vulnerabilities
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.