From 7137d48870945e948227271be83fb19f6eb74538687ade9ac1f187f8a313c8d5 Mon Sep 17 00:00:00 2001
From: Adam Majer <amajer@suse.com>
Date: Tue, 31 Oct 2023 11:18:05 +0000
Subject: [PATCH] CVE references added only

OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=164
---
 freeradius-server.changes | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/freeradius-server.changes b/freeradius-server.changes
index ea40d7d..cd4f341 100644
--- a/freeradius-server.changes
+++ b/freeradius-server.changes
@@ -1,7 +1,7 @@
 -------------------------------------------------------------------
 Thu Aug 31 13:09:06 UTC 2023 - Adam Majer <adam.majer@suse.de>
 
-- update to version 3.2.3:
+- update to version 3.2.3 (jsc#PED-6567)
   Feature Improvements
   * Add "max_retries" for connection pools. Fixes #4908.
   * Update dictionary.ciena, dictionary.huawei, dictionary.wifialliance and
@@ -150,7 +150,10 @@ Mon Feb  6 16:57:33 UTC 2023 - Adam Majer <adam.majer@suse.de>
   *  3.2.0 requires OpenSSL 1.0.2 or greater.
 
 Bug Fixes
-    All bug fixes from 3.0.x are included in the 3.2.x releases. 
+  *  All bug fixes from 3.0.x are included in the 3.2.x releases, including
+  *  fixes information leakage in EAP-PWD (bsc#1206203, CVE-2022-41859)
+  *  fixes crash on unknown option in EAP-SIM (bsc#1206204, CVE-2022-41860)
+  *  fixes crash on invalid abinary data (bsc#1206205, CVE-2022-41861)
 
 - freeradius-server-enable-python3.patch: refreshed