UbuntuUpdates.org

Package "freeradius"

Name: freeradius

Description:

high-performance and highly configurable RADIUS server
Latest version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
Release: jammy (22.04)
Level: security
Repository: main
Homepage: http://www.freeradius.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "freeradius"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "freeradius" in Jammy

Repository Area Version
base main 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
base universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
security universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
updates main 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
updates universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3 2024-10-03 15:07:04 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3) jammy-security; urgency=medium

  * SECURITY UPDATE: forgery attack via MD5 collision (Blast-RADIUS)
    - debian/patches/CVE-2024-3596-*.patch: backport changes to require
      Message-Authenticator in all Access-* packets.
    - CVE-2024-3596

 -- Marc Deslauriers <email address hidden> Thu, 12 Sep 2024 09:37:32 -0400
Source diff to previous version
CVE-2024-3596 RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject,

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1 2023-01-04 14:07:43 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS using abinary attribute
    - debian/patches/CVE-2022-41861.patch: fix abinary attribute checks
    - CVE-2022-41861

 -- Nishit Majithia <email address hidden> Wed, 04 Jan 2023 08:53:09 +0530
CVE-2022-41861 RESERVED


About   -   Send Feedback to @ubuntu_updates