forked from pool/freeradius-server
Accepting request 511049 from home:stroeder:branches:network
update to 3.0.15 - now with CVE ids successfully tested on Tumbleweed x86_64 OBS-URL: https://build.opensuse.org/request/show/511049 OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=100
This commit is contained in:
parent
44d1db1d6e
commit
bbd77fa15f
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:2771f6ecd6c816ac4d52b66bb8ae6781ca20e1e4984c5804fc4e67de3a807c59
|
|
||||||
size 3037721
|
|
Binary file not shown.
3
freeradius-server-3.0.15.tar.bz2
Normal file
3
freeradius-server-3.0.15.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:23267d8505e7b2909f5bdbf3938ca077c1fe122290dc969304d4f3b594f7e3ba
|
||||||
|
size 3038070
|
BIN
freeradius-server-3.0.15.tar.bz2.sig
Normal file
BIN
freeradius-server-3.0.15.tar.bz2.sig
Normal file
Binary file not shown.
@ -1,3 +1,19 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jul 17 13:46:41 UTC 2017 - michael@stroeder.com
|
||||||
|
|
||||||
|
- update to 3.0.15 with security fixes for
|
||||||
|
issues found via fuzzing by Guido Vranken
|
||||||
|
https://freeradius.org/security/fuzzer-2017.html
|
||||||
|
* CVE-2017-10978: FR-GV-201 (v2,v3) Read / write overflow in make_secret()
|
||||||
|
* CVE-2017-10983: FR-GV-206 (v2,v3) DHCP - Read overflow when decoding option 63
|
||||||
|
* CVE-2017-10984: FR-GV-301 (v3) Write overflow in data2vp_wimax()
|
||||||
|
* CVE-2017-10985: FR-GV-302 (v3) Infinite loop and memory exhaustion with 'concat' attributes
|
||||||
|
* CVE-2017-10986: FR-GV-303 (v3) DHCP - Infinite read in dhcp_attr2vp()
|
||||||
|
* CVE-2017-10987: FR-GV-304 (v3) DHCP - Buffer over-read in fr_dhcp_decode_suboptions()
|
||||||
|
* CVE-2017-10988: FR-GV-305 (v3) Decode 'signed' attributes correctly
|
||||||
|
* FR-AD-002 (v3) String lifetime issues in rlm_python
|
||||||
|
* FR-AD-003 (v3) Incorrect statement length passed into sqlite3_prepare
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon May 29 12:40:52 UTC 2017 - adam.majer@suse.de
|
Mon May 29 12:40:52 UTC 2017 - adam.majer@suse.de
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
%define apxs2 apxs2-prefork
|
%define apxs2 apxs2-prefork
|
||||||
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
|
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
|
||||||
Name: freeradius-server
|
Name: freeradius-server
|
||||||
Version: 3.0.14
|
Version: 3.0.15
|
||||||
Release: 0
|
Release: 0
|
||||||
|
|
||||||
%if 0%{?suse_version} > 1140
|
%if 0%{?suse_version} > 1140
|
||||||
|
Loading…
Reference in New Issue
Block a user