SUSE-SU-2017:2202-1
- Source
- https://www.suse.com/support/update/announcement/2017/suse-su-20172202-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2202-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2017:2202-1
- Related
- Published
- 2017-08-17T06:39:20Z
- Modified
- 2017-08-17T06:39:20Z
- Summary
- Security update for freeradius-server
- Details
-
This update for freeradius-server fixes the following issues:
- update to 3.0.15 (bsc#1049086)
- Bind the lifetime of program name and python path to the module
- CVE-2017-10978: FR-GV-201: Check input / output length in makesecret() (bsc#1049086)
- CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DHCP option 63 (bsc#1049086)
- CVE-2017-10984: FR-GV-301: Fix write overflow in data2vpwimax() (bsc#1049086)
- CVE-2017-10985: FR-GV-302: Fix infinite loop and memory exhaustion with 'concat' attributes (bsc#1049086)
- CVE-2017-10986: FR-GV-303: Fix infinite read in dhcpattr2vp() (bsc#1049086)
- CVE-2017-10987: FR-GV-304: Fix buffer over-read in frdhcpdecodesuboptions() (bsc#1049086)
- CVE-2017-10988: FR-GV-305: Decode 'signed' attributes correctly. (bsc#1049086)
- FR-AD-001: use strncmp() instead of memcmp() for bounded data
- Print messages when we see deprecated configuration items
- Show reasons why we couldn't parse a certificate expiry time
- Be more accepting about truncated ASN1 times.
- Fix OpenSSL API issue which could leak small amounts of memory.
- For Access-Reject, call radauthlog() after running the post-auth section, just like for Access-Accept.
- Don't crash when reading corrupted data from session resumption cache.
- Parse port in dhcpclient.
- Don't leak memory for OpenSSL.
- Portability fixes taken from OpenBSD port collection.
- run radauthlog after post-auth for Access-Reject.
- Don't process VMPS packets twice.
- Fix attribute truncation in rlm_perl
- Fix bug when processing huntgroups.
- FR-AD-002 - Bind the lifetime of program name and python path to the module
- FR-AD-003 - Pass correct statement length into sqlite3prepare[v2]
- update to 3.0.15 (bsc#1049086)
- References
-
- https://www.suse.com/support/update/announcement/2017/suse-su-20172202-1/
- https://bugzilla.suse.com/1049086
- https://www.suse.com/security/cve/CVE-2017-10978
- https://www.suse.com/security/cve/CVE-2017-10983
- https://www.suse.com/security/cve/CVE-2017-10984
- https://www.suse.com/security/cve/CVE-2017-10985
- https://www.suse.com/security/cve/CVE-2017-10986
- https://www.suse.com/security/cve/CVE-2017-10987
- https://www.suse.com/security/cve/CVE-2017-10988
Affected packages
SUSE:Linux Enterprise Software Development Kit 12 SP3 / freeradius-server
Package
- Name
- freeradius-server
- Purl
- pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
SUSE:Linux Enterprise Server 12 SP3 / freeradius-server
Package
- Name
- freeradius-server
- Purl
- pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.15-2.3.1
Ecosystem specific
{
"binaries": [
{
"freeradius-server-libs": "3.0.15-2.3.1",
"freeradius-server-doc": "3.0.15-2.3.1",
"freeradius-server": "3.0.15-2.3.1",
"freeradius-server-mysql": "3.0.15-2.3.1",
"freeradius-server-krb5": "3.0.15-2.3.1",
"freeradius-server-utils": "3.0.15-2.3.1",
"freeradius-server-sqlite": "3.0.15-2.3.1",
"freeradius-server-postgresql": "3.0.15-2.3.1",
"freeradius-server-ldap": "3.0.15-2.3.1",
"freeradius-server-perl": "3.0.15-2.3.1",
"freeradius-server-python": "3.0.15-2.3.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / freeradius-server
Package
- Name
- freeradius-server
- Purl
- pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.15-2.3.1
Ecosystem specific
{
"binaries": [
{
"freeradius-server-libs": "3.0.15-2.3.1",
"freeradius-server-doc": "3.0.15-2.3.1",
"freeradius-server": "3.0.15-2.3.1",
"freeradius-server-mysql": "3.0.15-2.3.1",
"freeradius-server-krb5": "3.0.15-2.3.1",
"freeradius-server-utils": "3.0.15-2.3.1",
"freeradius-server-sqlite": "3.0.15-2.3.1",
"freeradius-server-postgresql": "3.0.15-2.3.1",
"freeradius-server-ldap": "3.0.15-2.3.1",
"freeradius-server-perl": "3.0.15-2.3.1",
"freeradius-server-python": "3.0.15-2.3.1"
}
]
}