Stay Connected:

ELSA-2017-2389

ELSA-2017-2389 - freeradius security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2017-08-09

Description


[3.0.13-8]
- Avoid misinterpreting zero-size malloc in data2vp_extended() fix.
- Related: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()

[3.0.13-7]
- Resolves: Bug#1469409 CVE-2017-10978 freeradius: Out-of-bounds read/write due
to improper output buffer size check in make_secret()
- Resolves: Bug#1469413 CVE-2017-10983 freeradius: Out-of-bounds read in
fr_dhcp_decode() when decoding option 63
- Resolves: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()
- Resolves: Bug#1469417 CVE-2017-10985 freeradius: Infinite loop and memory
exhaustion with 'concat' attributes
- Resolves: Bug#1469418 CVE-2017-10986 freeradius: Infinite read in
dhcp_attr2vp()
- Resolves: Bug#1469421 CVE-2017-10987 freeradius: Buffer over-read in
fr_dhcp_decode_suboptions()


Related CVEs


CVE-2017-10984
CVE-2017-10986
CVE-2017-10987
CVE-2017-10983
CVE-2017-10978
CVE-2017-10985

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_aarch64_latest
freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-3.0.13-8.el7_4.aarch64.rpm71c436be713bc80d01e1b03522c2adb5f3a17e22090d068e4c03b937cd5f7393ELSA-2024-4911ol7_aarch64_latest
freeradius-devel-3.0.13-8.el7_4.aarch64.rpm2fffa771a13bef745492afe5ef40ced5e094de8e5782d35ed31a0ec27e9e2592ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-doc-3.0.13-8.el7_4.aarch64.rpm5a1e1e95362bb1d20ae4a9503d4fb5129b668ad08ef1050807792b224d6e6dbaELSA-2024-4911ol7_aarch64_optional_latest
freeradius-krb5-3.0.13-8.el7_4.aarch64.rpm35b21d64c6872db2691917acc3cc327f4105d7758ea109cc4b5078a2f54fd521ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-ldap-3.0.13-8.el7_4.aarch64.rpm7c395e068bdd9f2c7446d56845fa40d094a137df17c568c24e75175ba298487bELSA-2024-4911ol7_aarch64_optional_latest
freeradius-mysql-3.0.13-8.el7_4.aarch64.rpm69db07f0715a0b3a67158b8b37b4a8d3cc65530d57b4dcb01ba28d858b31a39aELSA-2024-4911ol7_aarch64_optional_latest
freeradius-perl-3.0.13-8.el7_4.aarch64.rpm5cc6e807de820fbe996c7869f7f87eee3340140b7584b1e6e011c82b30f02c9eELSA-2024-4911ol7_aarch64_optional_latest
freeradius-postgresql-3.0.13-8.el7_4.aarch64.rpmb21ecd693458e7b88a482765e7e06f5fc0b54a44897f29ede218886df5c47845ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-python-3.0.13-8.el7_4.aarch64.rpmd13fdd6cefe6bde5333b84762db85f2cf44d2e3760cc3eb0d924790906a95be1ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-sqlite-3.0.13-8.el7_4.aarch64.rpm2e27bf4d55496c5928a2f85445f16d75e870d36b7c585f40c479e8faa4b3a25eELSA-2024-4911ol7_aarch64_optional_latest
freeradius-unixODBC-3.0.13-8.el7_4.aarch64.rpma2cfa6c72fb3e47d740584f0795f96614c5a888b14726356a38db236f60a0d14ELSA-2024-4911ol7_aarch64_optional_latest
freeradius-utils-3.0.13-8.el7_4.aarch64.rpme8431d355a8740beba26e2f46ee574106fd98dca965ff1998cad36350f32f50eELSA-2024-4911ol7_aarch64_optional_latest
Oracle Linux 7 (x86_64) freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_x86_64_latest_archive
freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_x86_64_u4_patch
freeradius-3.0.13-8.el7_4.src.rpmaaa1ab6f51b70c1407076c0bd7e14318d605ba22eb5499c15b1e6a30f4bd4b44ELSA-2024-4911ol7_x86_64_u5_developer
freeradius-3.0.13-8.el7_4.x86_64.rpm0f698579fecedfbaf41c0cc37e98aeb79c8dc1a9f812e32ae8ab4c43811fd636ELSA-2024-4911ol7_x86_64_latest_archive
freeradius-3.0.13-8.el7_4.x86_64.rpm0f698579fecedfbaf41c0cc37e98aeb79c8dc1a9f812e32ae8ab4c43811fd636ELSA-2024-4911ol7_x86_64_u4_patch
freeradius-3.0.13-8.el7_4.x86_64.rpm0f698579fecedfbaf41c0cc37e98aeb79c8dc1a9f812e32ae8ab4c43811fd636ELSA-2024-4911ol7_x86_64_u5_developer
freeradius-devel-3.0.13-8.el7_4.i686.rpm1cb04f3fc8d82afa76e500079a449d5b8c0d0e1ab9e9a3220ff216e83d7a1694ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-devel-3.0.13-8.el7_4.x86_64.rpm327707057662f6588eab8d0db29243bc7e631ef58e2a16d089cd909746f0364aELSA-2024-4911ol7_x86_64_optional_archive
freeradius-doc-3.0.13-8.el7_4.x86_64.rpm848e80c03feb39045e4a00e1f1f674be7baa356bbfa7671111baeee7ef713195ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-krb5-3.0.13-8.el7_4.x86_64.rpm77ba17924d3c21604325ed9fdef7f1d229f2bcfa2e75d48aa759a22826352ce9ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-ldap-3.0.13-8.el7_4.x86_64.rpm8f1d9555e5e32809d0793fdea831add220329b4159115126278b7a7e57c5f5f1ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-mysql-3.0.13-8.el7_4.x86_64.rpm178bdf5167cf599d549848c87588f7c1315da7bfcbd12c5fb272f585acc6f231ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-perl-3.0.13-8.el7_4.x86_64.rpma622d9bd179fadc783031e43a8159b77bb28b37b8cdb48fce294a176f4a38c9cELSA-2024-4911ol7_x86_64_optional_archive
freeradius-postgresql-3.0.13-8.el7_4.x86_64.rpm9d7e4bd61cdac08688ff4657cdbd1676428e466969b3e78ef3a68a0a2799c767ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-python-3.0.13-8.el7_4.x86_64.rpm7e3bd0f14b05c29978c275fc0d90a21a4a46eaa5da1d6e4a87268eefa77a191dELSA-2024-4911ol7_x86_64_optional_archive
freeradius-sqlite-3.0.13-8.el7_4.x86_64.rpm8e96355f9835e635f85c820deee0b0efbf61657397d3d43c06454925adce91feELSA-2024-4911ol7_x86_64_optional_archive
freeradius-unixODBC-3.0.13-8.el7_4.x86_64.rpme61a3fc1ac383f79ebe7bee59ff33d2573291574d3af91521b4f108390e10397ELSA-2024-4911ol7_x86_64_optional_archive
freeradius-utils-3.0.13-8.el7_4.x86_64.rpm028508d037a72a3a7178d4bf2ea7781e1710994b62e891f4330f12bf3fdaabfaELSA-2024-4911ol7_x86_64_optional_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights