Bug 6063 - [Update Request] freeradius 3.0.15 CVE-2017-10988
: [Update Request] freeradius 3.0.15 CVE-2017-10988
Status: CONFIRMED
Product: Desktop Bugs
Classification: ROSA Desktop
Component: Main Packages
: Fresh
: All Linux
: Normal normal
: ---
Assigned To: ROSA Linux Bugs
: ROSA Linux Bugs
http://freeradius.org/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-08-16 17:09 MSD by Zombie Ryushu
Modified: 2017-07-31 16:09 MSD (History)
2 users (show)

See Also:
RPM Package: freeradius
ISO-related:
Bad POT generating:
Upstream:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Zombie Ryushu 2015-08-16 17:09:31 MSD
When work resumes on on Cooker, it is a good idea to upgrade to 3.0.9. when possible.
Comment 1 Zombie Ryushu 2017-02-16 13:45:45 MSK
FreeRadius 2.2.x, has been declared End of life. The correct version should be 3.0.12
Comment 2 Zombie Ryushu 2017-07-30 23:19:55 MSD
Fuzz testing of freeradius found multiple vulnerabilites that resulted
in either the potential for remote code execution or a possible denial
of service (except for CVE-2017-10988 which was later determined to not
actually result in any vulnerability).
Comment 3 Zombie Ryushu 2017-07-31 16:09:56 MSD
Foe now, I've created a Pull Request.