UbuntuUpdates.org

Package "freeradius"

Name: freeradius

Description:

high-performance and highly configurable RADIUS server
Latest version: 2.2.8+dfsg-0.1ubuntu0.1
Release: xenial (16.04)
Level: security
Repository: main
Homepage: http://www.freeradius.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "freeradius"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "freeradius" in Xenial

Repository Area Version
base main 2.2.8+dfsg-0.1build2
base universe 2.2.8+dfsg-0.1build2
security universe 2.2.8+dfsg-0.1ubuntu0.1
updates universe 2.2.8+dfsg-0.1ubuntu0.1
updates main 2.2.8+dfsg-0.1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.2.8+dfsg-0.1ubuntu0.1 2017-07-27 17:06:45 UTC

  freeradius (2.2.8+dfsg-0.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: read/write overflow in make_secret()
    - debian/patches/CVE-2017-10978.patch: check lengths in
      src/lib/radius.c.
    - CVE-2017-10978
  * SECURITY UPDATE: write overflow in rad_coalesce
    - debian/patches/CVE-2017-10979.patch: check for long attributes in
      src/lib/dhcp.c, src/lib/radius.c.
    - CVE-2017-10979
  * SECURITY UPDATE: memory leak in decode_tlv()
    - debian/patches/CVE-2017-10980.patch: fix memory leak in
      src/lib/dhcp.c.
    - CVE-2017-10980
  * SECURITY UPDATE: memory leak in fr_dhcp_decode()
    - debian/patches/CVE-2017-10981.patch: fix another memory leak in
      src/lib/dhcp.c.
    - CVE-2017-10981
  * SECURITY UPDATE: read overflow in fr_dhcp_decode_options()
    - debian/patches/CVE-2017-10982.patch: check for long options in
      src/lib/dhcp.c.
    - CVE-2017-10982
  * SECURITY UPDATE: read overflow when decoding option 63
    - debian/patches/CVE-2017-10983.patch: decode correct option in
      src/lib/dhcp.c.
    - CVE-2017-10983

 -- Marc Deslauriers <email address hidden> Wed, 26 Jul 2017 10:32:39 -0400
CVE-2017-1097 RESERVED
CVE-2017-1098 RESERVED


About   -   Send Feedback to @ubuntu_updates