ELSA-2017-2389

ULN >
Oracle Linux Errata repository >
ELSA-2017-2389

ELSA-2017-2389 - freeradius security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2017-08-09

Description

[3.0.13-8]
- Avoid misinterpreting zero-size malloc in data2vp_extended() fix.
- Related: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()

[3.0.13-7]
- Resolves: Bug#1469409 CVE-2017-10978 freeradius: Out-of-bounds read/write due
to improper output buffer size check in make_secret()
- Resolves: Bug#1469413 CVE-2017-10983 freeradius: Out-of-bounds read in
fr_dhcp_decode() when decoding option 63
- Resolves: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()
- Resolves: Bug#1469417 CVE-2017-10985 freeradius: Infinite loop and memory
exhaustion with 'concat' attributes
- Resolves: Bug#1469418 CVE-2017-10986 freeradius: Infinite read in
dhcp_attr2vp()
- Resolves: Bug#1469421 CVE-2017-10987 freeradius: Buffer over-read in
fr_dhcp_decode_suboptions()

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	freeradius-3.0.13-8.el7_4.src.rpm	4f8c7d48c8d354560505cd635d54dd70	ELSA-2020-3984
	freeradius-3.0.13-8.el7_4.aarch64.rpm	957d982778efe7df66337908bcabf145	ELSA-2020-3984
	freeradius-devel-3.0.13-8.el7_4.aarch64.rpm	23437da75267ae932ccce4c68e8422e8	ELSA-2020-3984
	freeradius-doc-3.0.13-8.el7_4.aarch64.rpm	6b808c97fc90ce798c4ee38060108642	ELSA-2020-3984
	freeradius-krb5-3.0.13-8.el7_4.aarch64.rpm	db1766f6dee85a2a493484e8911dcd7b	ELSA-2020-3984
	freeradius-ldap-3.0.13-8.el7_4.aarch64.rpm	1be049940492965860ee3bd780adb5db	ELSA-2020-3984
	freeradius-mysql-3.0.13-8.el7_4.aarch64.rpm	6dfce254d8f1f968c3ecbe674f8f8b4b	ELSA-2020-3984
	freeradius-perl-3.0.13-8.el7_4.aarch64.rpm	e1d4f9182bc93278afd074883ff50a82	ELSA-2020-3984
	freeradius-postgresql-3.0.13-8.el7_4.aarch64.rpm	86c6c65e7db6363f48b6154c6b861f35	ELSA-2020-3984
	freeradius-python-3.0.13-8.el7_4.aarch64.rpm	2fac811065b4a07abf1c761b60e44dfa	ELSA-2020-3984
	freeradius-sqlite-3.0.13-8.el7_4.aarch64.rpm	be64f0b1ef8fb24f4ac6a575cfd7fe57	ELSA-2020-3984
	freeradius-unixODBC-3.0.13-8.el7_4.aarch64.rpm	978faef14f2bfeff69c6cdd6e50b07fc	ELSA-2020-3984
	freeradius-utils-3.0.13-8.el7_4.aarch64.rpm	f28c0ee40cf259e3281d349d5dd86f07	ELSA-2020-3984

Oracle Linux 7 (x86_64)	freeradius-3.0.13-8.el7_4.src.rpm	4f8c7d48c8d354560505cd635d54dd70	ELSA-2020-3984
	freeradius-3.0.13-8.el7_4.x86_64.rpm	5315db3bec3303d882b4171b4f8da49b	ELSA-2020-3984
	freeradius-devel-3.0.13-8.el7_4.i686.rpm	a5971370c0392fb7d8d2e8fbf918e700	ELSA-2020-3984
	freeradius-devel-3.0.13-8.el7_4.x86_64.rpm	0df5aedd8db45018643a3384b53aa68e	ELSA-2020-3984
	freeradius-doc-3.0.13-8.el7_4.x86_64.rpm	6ddd7957521be43f19b87ec3e76f158f	ELSA-2020-3984
	freeradius-krb5-3.0.13-8.el7_4.x86_64.rpm	1259ac28398cbc0972497da8a62cdf89	ELSA-2020-3984
	freeradius-ldap-3.0.13-8.el7_4.x86_64.rpm	fa6f72ddbcbf1f22be94ca0b3fa879a4	ELSA-2020-3984
	freeradius-mysql-3.0.13-8.el7_4.x86_64.rpm	f57d9ac228e939f0ce044d7ceb777bbe	ELSA-2020-3984
	freeradius-perl-3.0.13-8.el7_4.x86_64.rpm	e9dfde4f323576085bbea6651d6ad0bd	ELSA-2020-3984
	freeradius-postgresql-3.0.13-8.el7_4.x86_64.rpm	066db468f4c73b04979a56508c46ddca	ELSA-2020-3984
	freeradius-python-3.0.13-8.el7_4.x86_64.rpm	dc007dd6298a1edda3fa2884edacef47	ELSA-2020-3984
	freeradius-sqlite-3.0.13-8.el7_4.x86_64.rpm	d9f0c7e2bc37c0bec0279aae3bb15a5b	ELSA-2020-3984
	freeradius-unixODBC-3.0.13-8.el7_4.x86_64.rpm	c42b77f15e568033bc2ede8af3b76b28	ELSA-2020-3984
	freeradius-utils-3.0.13-8.el7_4.x86_64.rpm	ef48c4018f16b1b3272e4f3c68fbfa23	ELSA-2020-3984

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691