UbuntuUpdates.org

Package "freeradius"

Name: freeradius

Description:

high-performance and highly configurable RADIUS server

Latest version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
Release: jammy (22.04)
Level: updates
Repository: main
Homepage: http://www.freeradius.org/

Links


Download "freeradius"


Other versions of "freeradius" in Jammy

Repository Area Version
base main 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
base universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
security main 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
security universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
updates universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3 2024-10-03 16:07:10 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3) jammy-security; urgency=medium

  * SECURITY UPDATE: forgery attack via MD5 collision (Blast-RADIUS)
    - debian/patches/CVE-2024-3596-*.patch: backport changes to require
      Message-Authenticator in all Access-* packets.
    - CVE-2024-3596

 -- Marc Deslauriers <email address hidden> Thu, 12 Sep 2024 09:37:32 -0400

Source diff to previous version
CVE-2024-3596 RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject,

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.2 2024-02-08 21:06:58 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.2) jammy; urgency=medium

  * d/p/avoid-smbencrypt-segfault-with-openssl3-fixes.patch: load the
    OpenSSL legacy providers and use OpenSSL3 init for MD4/MD5
    (LP: #2042824).

 -- Miriam España Acebal <email address hidden> Fri, 12 Jan 2024 17:59:58 +0100

Source diff to previous version
2042824 smbencrypt segfaults when run with any parameter

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1 2023-01-04 14:07:45 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS using abinary attribute
    - debian/patches/CVE-2022-41861.patch: fix abinary attribute checks
    - CVE-2022-41861

 -- Nishit Majithia <email address hidden> Wed, 04 Jan 2023 08:53:09 +0530

CVE-2022-41861 RESERVED



About   -   Send Feedback to @ubuntu_updates