ELEA-2017-1954

ELEA-2017-1954 - freeradius bug fix and enhancement update

Type: ENHANCEMENT
Impact: NA
Release Date: 2017-08-08

Description


[3.0.13-6]
- Avoid race condition when creating session cache file
Resolves: Bug#1458746 CVE-2017-9148 freeradius: TLS resumption
authentication bypass

[3.0.13-5]
- Refer to correct package version in configuration comments for Bug#1458746
(CVE-2017-9148) fix.
Related: Bug#1458746 CVE-2017-9148 freeradius: TLS resumption
authentication bypass

[3.0.13-4]
- Disable internal OpenSSL cache.
Resolves: Bug#1458746 CVE-2017-9148 freeradius: TLS resumption
authentication bypass
- Check sizeof(*packet), not sizeof(packet) in EAP-PWD
Resolves: Bug#1459073 Potential buffer overflow in FreeRADIUS EAP-PWD
- Parse port as well as address for dhcpclient destination
Resolves: Bug#1457825 dhcpclient does not accept IP:PORT

[3.0.13-3]
- Explicitly disable rlm_cache_memcached to avoid error when the module's
dependencies are installed, and it is built, but not packaged.
Related: Bug#1202751 Rebase FreeRADIUS to 3.0.12 or later minor release
- Prevent segfaults by adding a missing handling of connection errors in
rlm_ldap.
Resolves: Bug#1437409 [abrt] freeradius: radiusd killed by SIGSEGV
- Make radtest use Cleartext-Password for EAP, fixing its support for eap-md5.
Resolves: Bug#1436619 radtest does not work with eap-md5

[3.0.13-2]
- Fix some issues found with static analyzers.
Resolves: Bug#1432103 FreeRADIUS fails covscan checks
- Revert rlm_eap_tnc removal, because the tncfhh package is still in RHEL.
Related: Bug#1202751 Rebase FreeRADIUS to 3.0.12 or later minor release

[3.0.13-1]
- Upgrade to upstream v3.0.13 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751 Rebase FreeRADIUS to 3.0.12 or later minor release
Resolves: Bug#1329181 freeradius-python fix libpython2.7.so dependency at
compile time
Resolves: Bug#1425869 Radiusd does not trigger modules.sql.fail trap if it
can't connect to mysql server
Resolves: Bug#1427829 Stack overflow when passing bare IPv6 to radclient

[3.0.12-2]
- Do not fail logrotate if radiusd is not running.
Resolves: Bug#1365226 error running non-shared postrotate script for
/var/log/radius/radius.log of
'/var/log/radius/radius.log '
- Fix output to log file specified with -l option.
Resolves: Bug#1421207 radiusd does not work with log file specified by -l
option
- Fix long hostnames interpreted as IP addresses.
Resolves: Bug#1420359 radclient does not detect 4. level and higher domain
name as a domain name
- Avoid clashes with libtool library symbols.
Resolves: Bug#1391960 undefined symbol: get_vtable in
/usr/lib64/libtdsodbc.so.0 with freeradius-unixODBC
- Remove mentions of Auth-Type = System from docs.
Resolves: Bug#1420293 Freeradius does not know Auth-Type = System
- Improve ip/v4/v6/addr documentation.
Resolves: Bug#1179736 add description for ipaddr = hostname from DNS with A
and AAAA entries

[3.0.12-1]
- Upgrade to upstream v3.0.12 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751 Rebase FreeRADIUS to 3.0.7 or later minor release
Resolves: Bug#1358989 FreeRADIUS stops reading the accounting packets from the
detail file
Resolves: Bug#1269217 FreeRADIUS triggers mprotect with large radius reply
Resolves: Bug#1344183 radiusd crashed in rbtree_find() after receiving a packet
Resolves: Bug#1370431 FreeRADIUS fails to establish LDAP connections under
load
Resolves: Bug#1397981 [abrt] freeradius: radiusd killed by SIGSEGV

[3.0.11-1]
- Upgrade to upstream v3.0.11 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Resolves: Bug#1197551
Resolves: Bug#1179745
Resolves: Bug#1202751 Rebase FreeRADIUS to 3.0.7 or later minor release
Resolves: Bug#1289849 FreeRadius should start after ldap, ipa and krb5kdc
Resolves: Bug#1208886 Add the latest Mikrotik dictionary into Freeradius
Resolves: Bug#1198620 radutmp should not rotate
Resolves: Bug#1180979 Freeradius is installing files under /etc/tmpfiles.d/
Resolves: Bug#1187904 radiusd logrotate config file contains old style
'/sbin/service radius reload' reload call
Resolves: Bug#1167846 radiusd fails to load clients from ldap
Resolves: Bug#1422018 /usr/lib/systemd/system/radiusd.service is marked
executable. Please remove executable permission bits
Resolves: Bug#1167843 support for older style generic attributes in
rlm_ldap doesn't work
Resolves: Bug#1354234 home servers are marked as dead by radiusd

[3.0.10-1]
- Upgrade to upstream v3.0.10 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751
Resolves: Bug#1340334 freeradius: Decryption of very long Tunnel-Passwords
can cause buffer overflow
- Remove rlm_eap_tnc support as the required package 'tncfhh' was retired.

[3.0.9-1]
- Upgrade to upstream v3.0.9 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751

[3.0.8-1]
- Upgrade to upstream v3.0.8 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751

[3.0.7-1]
- Upgrade to upstream v3.0.7 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
Related: Bug#1202751




Updated Packages


Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label
Oracle Linux 7 (aarch64) | freeradius-3.0.13-6.el7.src.rpm | 1a16bb02736f2cee478a9c6a6bbfa5bb109dd0cac1cabba3c09785393b7d336d | ELSA-2024-4911 | ol7_aarch64_latest
 | freeradius-3.0.13-6.el7.src.rpm | 1a16bb02736f2cee478a9c6a6bbfa5bb109dd0cac1cabba3c09785393b7d336d | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-3.0.13-6.el7.aarch64.rpm | e0877728c144abcd0d442530d0ec2147d0b888e3645b886b720537f715b1e16f | ELSA-2024-4911 | ol7_aarch64_latest
 | freeradius-devel-3.0.13-6.el7.aarch64.rpm | 264be2f1e13329646acbfa3d1560ffee31f18d22ab2b7a858aebd2f0d7ec9c4a | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-doc-3.0.13-6.el7.aarch64.rpm | 28d7217531a7585ee72ff5205724f9acbaa81f2257519f6e7089600b477f2afc | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-krb5-3.0.13-6.el7.aarch64.rpm | 2e9eba199c01c94c863edafca788387d561f313c51ef71ceb8c3a9af777a61db | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-ldap-3.0.13-6.el7.aarch64.rpm | 7b697637b588f5fa654dc443927c1165f16aec0dc5a26feb77262ae0894a23d1 | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-mysql-3.0.13-6.el7.aarch64.rpm | 1373db3229495ee1222a9f3f263d607e3d0ede51402e3b4d7f498e535ad39315 | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-perl-3.0.13-6.el7.aarch64.rpm | cad28e9334f85c7d6196feed28fbbc07edf43c42658b73f691708bc336906c8e | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-postgresql-3.0.13-6.el7.aarch64.rpm | fde563fd6ac088f001026d6a8afebfb1e78a9916b0800d651f677f1f1ac1ba1e | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-python-3.0.13-6.el7.aarch64.rpm | 267e263f767099afee9c230aba9c5c42abc0bab3d0c82804d630897f2987d5b3 | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-sqlite-3.0.13-6.el7.aarch64.rpm | 143b033b5d8788a836b3d0a197ab1445526fbe57c46892cc108db8bf87213e01 | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-unixODBC-3.0.13-6.el7.aarch64.rpm | c0577457f49ea2b15e7a13462f622a918920a549abd1ed4952ba72bf1eeaab2c | ELSA-2024-4911 | ol7_aarch64_optional_latest
 | freeradius-utils-3.0.13-6.el7.aarch64.rpm | 6e34ad6f8bf386b915ac7fab73e964281a0219e07b9858ae31a718dc854c9893 | ELSA-2024-4911 | ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64) | freeradius-3.0.13-6.el7.src.rpm | 1a16bb02736f2cee478a9c6a6bbfa5bb109dd0cac1cabba3c09785393b7d336d | ELSA-2024-4911 | ol7_x86_64_latest_archive
 | freeradius-3.0.13-6.el7.src.rpm | 1a16bb02736f2cee478a9c6a6bbfa5bb109dd0cac1cabba3c09785393b7d336d | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-3.0.13-6.el7.src.rpm | 1a16bb02736f2cee478a9c6a6bbfa5bb109dd0cac1cabba3c09785393b7d336d | ELSA-2024-4911 | ol7_x86_64_u4_base
 | freeradius-3.0.13-6.el7.x86_64.rpm | fd3de1d640514949b0df72d388190241567208b2827353a63ef6b0f88936bab4 | ELSA-2024-4911 | ol7_x86_64_latest_archive
 | freeradius-3.0.13-6.el7.x86_64.rpm | fd3de1d640514949b0df72d388190241567208b2827353a63ef6b0f88936bab4 | ELSA-2024-4911 | ol7_x86_64_u4_base
 | freeradius-devel-3.0.13-6.el7.i686.rpm | 40649968f8d24497d85143743bc9b47dfbb8147203f96fa198413ab2c675a9fe | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-devel-3.0.13-6.el7.x86_64.rpm | 08c976cddac7c3405eb57d78bf41bde9c8c8cacf2e97fb103d8b4c65d64cda77 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-doc-3.0.13-6.el7.x86_64.rpm | 12b139adba1207333ac02c0ceb420f03e5a5a23d21e38dc0b46eca55eba05059 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-krb5-3.0.13-6.el7.x86_64.rpm | 6c6bdbd5216590799e435ce001a0022b8f4e6d300c4e0c36a4085880fd60b94b | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-ldap-3.0.13-6.el7.x86_64.rpm | 484a38673ce7d0507d7a1ef74aa9bfb3a133340240f5e9c20a41af4a436d245c | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-mysql-3.0.13-6.el7.x86_64.rpm | d3ba99f8d58cc4981e5470dcdbdabb70177cdccfa281744af78ce89f596e59fa | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-perl-3.0.13-6.el7.x86_64.rpm | 769a41160210799c425ef50a63f360aff5e688004b4ca2f6d5f8e82a9b423352 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-postgresql-3.0.13-6.el7.x86_64.rpm | e8ef6f4a6e80fce97cb717a0faa026a8daa4080a0c9c3cf1006df89e675e5ce6 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-python-3.0.13-6.el7.x86_64.rpm | f9ff12fbfae5a756973c9cd94545272c33bcb3605d40bf8ae3de6b2daee40b2b | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-sqlite-3.0.13-6.el7.x86_64.rpm | 50152d7e77fb02d93dabd85c7ac0e7535dfcb9b8b323e6eb63346dd2727e01e7 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-unixODBC-3.0.13-6.el7.x86_64.rpm | 34c1834a92e09e294a7d501ef872745c3a2c4682ee0cf643deac3e4dee9d1a24 | ELSA-2024-4911 | ol7_x86_64_optional_archive
 | freeradius-utils-3.0.13-6.el7.x86_64.rpm | bf248b45521429d4abaf8ffd8c02bcdc32ca94d6a9c15c44b933a371d10513ad | ELSA-2024-4911 | ol7_x86_64_optional_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
