Download
| Alert*
oval:org.secpod.oval:def:89000371
This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ... oval:org.secpod.oval:def:88499 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:68007 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access For more details about t ... oval:org.secpod.oval:def:89000049 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . oval:org.secpod.oval:def:89000686 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . - Fixed an issue in TLS-EAP where the OCSP verification, when an intermediate client certif ... oval:org.secpod.oval:def:89000602 This update for freeradius-server fixes the following issues: - CVE-2019-13456: Fixed a side-channel password leak in EAP-pwd . - CVE-2019-17185: Fixed a debial of service due to multithreaded BN_CTX access . oval:org.secpod.oval:def:2500051 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. oval:org.secpod.oval:def:1504211 [3.0.20-3] - Require make for proper bootstrap execution, removes post script Resolves: bz#1672285 [3.0.20-2] - Fix breakage caused by OpenSSL FIPS regression Related: bz#1855822 Related: bz#1810911 Resolves: bz#1672285 [3.0.20-1] - Update to FreeRADIUS server version 3.0.20 - Introduce Python 3 sup ... oval:org.secpod.oval:def:504735 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access For more details about t ... oval:org.secpod.oval:def:86656 freeradius: high-performance and highly configurable RADIUS server Several security issues were fixed in FreeRADIUS. oval:org.secpod.oval:def:205663 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: privilege escalation due to insecure logrotate configuration * freeradius: eap- ... oval:org.secpod.oval:def:504319 FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: privilege escalation due to insecure logrotate configuration * freeradius: eap- ... oval:org.secpod.oval:def:1700458 It was discovered freeradius does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. An infor ... oval:org.secpod.oval:def:1504316 [3.0.13-15] - Fixes EAP-PWD: DoS issues due to multithreaded BN_CTX access Resolves: bz#1818808 [3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz#1630684 [3.0.13-13] - Fixes logging of cleartext pap password Resolves: bz#1677435 [3.0.13-12] - Fixes paircompare with attr ... |