ELSA-2020-3984 -- Oracle freeradiusID: oval:org.secpod.oval:def:1504316 | Date: (C)2021-01-10 (M)2024-04-17 |
Class: PATCH | Family: unix |
[3.0.13-15] - Fixes EAP-PWD: DoS issues due to multithreaded BN_CTX access Resolves: bz#1818808 [3.0.13-14 - Fixes receiving of multiple RADIUS packets under load Resolves: bz#1630684 [3.0.13-13] - Fixes logging of cleartext pap password Resolves: bz#1677435 [3.0.13-12] - Fixes paircompare with attribute references and expansions Resolves: bz#1592741 [3.0.13-11] - Fixes logrotate, EAP-PWD vulnerability Resolves: bz#1719368 privilege escalation due to insecure logrotate configuration Resolves: bz#1751796 eap-pwd: Information leak due to aborting when needing more than 10 iterations