UbuntuUpdates.org

Package "freeradius-ldap"

Name: freeradius-ldap

Description:

LDAP module for FreeRADIUS server

Latest version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
Release: jammy (22.04)
Level: security
Repository: universe
Head package: freeradius
Homepage: http://www.freeradius.org/

Links


Download "freeradius-ldap"


Other versions of "freeradius-ldap" in Jammy

Repository Area Version
base universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
updates universe 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3

Changelog

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3 2024-10-03 15:07:05 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3) jammy-security; urgency=medium

  * SECURITY UPDATE: forgery attack via MD5 collision (Blast-RADIUS)
    - debian/patches/CVE-2024-3596-*.patch: backport changes to require
      Message-Authenticator in all Access-* packets.
    - CVE-2024-3596

 -- Marc Deslauriers <email address hidden> Thu, 12 Sep 2024 09:37:32 -0400

Source diff to previous version
CVE-2024-3596 RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject,

Version: 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1 2023-01-04 14:07:47 UTC

  freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS using abinary attribute
    - debian/patches/CVE-2022-41861.patch: fix abinary attribute checks
    - CVE-2022-41861

 -- Nishit Majithia <email address hidden> Wed, 04 Jan 2023 08:53:09 +0530

CVE-2022-41861 RESERVED



About   -   Send Feedback to @ubuntu_updates