Описание
ELSA-2017-2389: freeradius security update (IMPORTANT)
[3.0.13-8]
- Avoid misinterpreting zero-size malloc in data2vp_extended() fix.
- Related: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vp_wimax()
[3.0.13-7]
- Resolves: Bug#1469409 CVE-2017-10978 freeradius: Out-of-bounds read/write due to improper output buffer size check in make_secret()
- Resolves: Bug#1469413 CVE-2017-10983 freeradius: Out-of-bounds read in fr_dhcp_decode() when decoding option 63
- Resolves: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vp_wimax()
- Resolves: Bug#1469417 CVE-2017-10985 freeradius: Infinite loop and memory exhaustion with 'concat' attributes
- Resolves: Bug#1469418 CVE-2017-10986 freeradius: Infinite read in dhcp_attr2vp()
- Resolves: Bug#1469421 CVE-2017-10987 freeradius: Buffer over-read in fr_dhcp_decode_suboptions()
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
freeradius
3.0.13-8.el7_4
freeradius-devel
3.0.13-8.el7_4
freeradius-doc
3.0.13-8.el7_4
freeradius-krb5
3.0.13-8.el7_4
freeradius-ldap
3.0.13-8.el7_4
freeradius-mysql
3.0.13-8.el7_4
freeradius-perl
3.0.13-8.el7_4
freeradius-postgresql
3.0.13-8.el7_4
freeradius-python
3.0.13-8.el7_4
freeradius-sqlite
3.0.13-8.el7_4
freeradius-unixODBC
3.0.13-8.el7_4
freeradius-utils
3.0.13-8.el7_4
Oracle Linux x86_64
freeradius
3.0.13-8.el7_4
freeradius-devel
3.0.13-8.el7_4
freeradius-doc
3.0.13-8.el7_4
freeradius-krb5
3.0.13-8.el7_4
freeradius-ldap
3.0.13-8.el7_4
freeradius-mysql
3.0.13-8.el7_4
freeradius-perl
3.0.13-8.el7_4
freeradius-postgresql
3.0.13-8.el7_4
freeradius-python
3.0.13-8.el7_4
freeradius-sqlite
3.0.13-8.el7_4
freeradius-unixODBC
3.0.13-8.el7_4
freeradius-utils
3.0.13-8.el7_4
