This update for freeradius-server fixes the following issues: - update to 3.0.15 * Bind the lifetime of program name and python path to the module * CVE-2017-10978: FR-GV-201: Check input / output length in make_secret * CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DHCP option 63 * CVE-2017-10984: FR-GV-301: Fix write overflow in data2vp_wimax * CVE-2017-10985: FR-GV-302: Fix infinite loop and memory exhaustion with "concat" attributes * CVE-2017-10986: FR-GV-303: Fix infinite read in dhcp_attr2vp * CVE-2017-10987: FR-GV-304: Fix buffer over-read in fr_dhcp_decode_suboptions * CVE-2017-10988: FR-GV-305: Decode "signed" attributes correctly. * FR-AD-001: use strncmp instead of memcmp for bounded data * Print messages when we see deprecated configuration items * Show reasons why we couldn"t parse a certificate expiry time * Be more accepting about truncated ASN1 times. * Fix OpenSSL API issue which could leak small amounts of memory. * For Access-Reject, call rad_authlog after running the post-auth section, just like for Access-Accept. * Don"t crash when reading corrupted data from session resumption cache. * Parse port in dhcpclient. * Don"t leak memory for OpenSSL. * Portability fixes taken from OpenBSD port collection. * run rad_authlog after post-auth for Access-Reject. * Don"t process VMPS packets twice. * Fix attribute truncation in rlm_perl * Fix bug when processing huntgroups. * FR-AD-002 - Bind the lifetime of program name and python path to the module * FR-AD-003 - Pass correct statement length into sqlite3_prepare[_v2]