ROSA Linux Bugzilla – Bug 6063
[Update Request] freeradius 3.0.15 CVE-2017-10988
Last modified: 2018-03-03 02:34:22 MSK
When work resumes on on Cooker, it is a good idea to upgrade to 3.0.9. when possible.
FreeRadius 2.2.x, has been declared End of life. The correct version should be 3.0.12
Fuzz testing of freeradius found multiple vulnerabilites that resulted
in either the potential for remote code execution or a possible denial
of service (except for CVE-2017-10988 which was later determined to not
actually result in any vulnerability).
Foe now, I've created a Pull Request.