Описание
Security update for freeradius-server
This update of freeradius-server fixes several issues.
Security issue fixed:
- CVE-2015-4680: Fixed Insufficent CRL application for intermediate certificates (bsc#935573)
Non security issues fixed:
- Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems by relaxing a too strict openssl version check. (bsc#1013311)
- Fixed radclient error free() invalid pointer (bsc#911886)
- Fixed failing rebuild of freeradius-server package (bsc#951404)
Список пакетов
SUSE Linux Enterprise Server 12 SP1
freeradius-server-3.0.3-14.1
freeradius-server-doc-3.0.3-14.1
freeradius-server-krb5-3.0.3-14.1
freeradius-server-ldap-3.0.3-14.1
freeradius-server-libs-3.0.3-14.1
freeradius-server-mysql-3.0.3-14.1
freeradius-server-perl-3.0.3-14.1
freeradius-server-postgresql-3.0.3-14.1
freeradius-server-python-3.0.3-14.1
freeradius-server-sqlite-3.0.3-14.1
freeradius-server-utils-3.0.3-14.1
SUSE Linux Enterprise Server 12 SP2
freeradius-server-3.0.3-14.1
freeradius-server-doc-3.0.3-14.1
freeradius-server-krb5-3.0.3-14.1
freeradius-server-ldap-3.0.3-14.1
freeradius-server-libs-3.0.3-14.1
freeradius-server-mysql-3.0.3-14.1
freeradius-server-perl-3.0.3-14.1
freeradius-server-postgresql-3.0.3-14.1
freeradius-server-python-3.0.3-14.1
freeradius-server-sqlite-3.0.3-14.1
freeradius-server-utils-3.0.3-14.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
freeradius-server-3.0.3-14.1
freeradius-server-doc-3.0.3-14.1
freeradius-server-krb5-3.0.3-14.1
freeradius-server-ldap-3.0.3-14.1
freeradius-server-libs-3.0.3-14.1
freeradius-server-mysql-3.0.3-14.1
freeradius-server-perl-3.0.3-14.1
freeradius-server-postgresql-3.0.3-14.1
freeradius-server-python-3.0.3-14.1
freeradius-server-sqlite-3.0.3-14.1
freeradius-server-utils-3.0.3-14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
freeradius-server-3.0.3-14.1
freeradius-server-doc-3.0.3-14.1
freeradius-server-krb5-3.0.3-14.1
freeradius-server-ldap-3.0.3-14.1
freeradius-server-libs-3.0.3-14.1
freeradius-server-mysql-3.0.3-14.1
freeradius-server-perl-3.0.3-14.1
freeradius-server-postgresql-3.0.3-14.1
freeradius-server-python-3.0.3-14.1
freeradius-server-sqlite-3.0.3-14.1
freeradius-server-utils-3.0.3-14.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
freeradius-server-3.0.3-14.1
freeradius-server-doc-3.0.3-14.1
freeradius-server-krb5-3.0.3-14.1
freeradius-server-ldap-3.0.3-14.1
freeradius-server-libs-3.0.3-14.1
freeradius-server-mysql-3.0.3-14.1
freeradius-server-perl-3.0.3-14.1
freeradius-server-postgresql-3.0.3-14.1
freeradius-server-python-3.0.3-14.1
freeradius-server-sqlite-3.0.3-14.1
freeradius-server-utils-3.0.3-14.1
SUSE Linux Enterprise Software Development Kit 12 SP1
freeradius-server-devel-3.0.3-14.1
SUSE Linux Enterprise Software Development Kit 12 SP2
freeradius-server-devel-3.0.3-14.1
Ссылки
- Link for SUSE-SU-2017:0102-1
- E-Mail link for SUSE-SU-2017:0102-1
- SUSE Security Ratings
- SUSE Bug 1013311
- SUSE Bug 911886
- SUSE Bug 935573
- SUSE Bug 951404
- SUSE CVE CVE-2015-4680 page
Описание
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP1:freeradius-server-3.0.3-14.1
SUSE Linux Enterprise Server 12 SP1:freeradius-server-doc-3.0.3-14.1
SUSE Linux Enterprise Server 12 SP1:freeradius-server-krb5-3.0.3-14.1
SUSE Linux Enterprise Server 12 SP1:freeradius-server-ldap-3.0.3-14.1
Ссылки
- CVE-2015-4680
- SUSE Bug 935573