Paketname
freeradius
Datum
2014-03-13
Advisory ID
MDVSA-2014:058
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Updated freeradius package fixes security vulnerability:

SSHA processing in freeradius before 2.2.3 runs into a stack-based
buffer overflow in the freeradius rlm_pap module if the password
source uses an unusually long hashed password (CVE-2014-2015).

Aktualisierte Pakete

MES5 i586

 ad944c9074b82a96e5bca829cb9e53a6  mes5/i586/freeradius-2.1.0-3.2mdvmes5.2.i586.rpm
 a99e3e6e10a0856e4d755d17653865a0  mes5/i586/freeradius-krb5-2.1.0-3.2mdvmes5.2.i586.rpm
 322a9c4b628cf1e94263c060b6978fde  mes5/i586/freeradius-ldap-2.1.0-3.2mdvmes5.2.i586.rpm
 e554bcf6daa40436f85ad06b4bc4a81a  mes5/i586/freeradius-mysql-2.1.0-3.2mdvmes5.2.i586.rpm
 95588e3bdf6cf1f1711416c1966a5683  mes5/i586/freeradius-postgresql-2.1.0-3.2mdvmes5.2.i586.rpm
 e998de66a546e5f1c325a1aae720ce8d  mes5/i586/freeradius-unixODBC-2.1.0-3.2mdvmes5.2.i586.rpm
 92cc08607f5a1db4b8181f3fa1f882ac  mes5/i586/freeradius-web-2.1.0-3.2mdvmes5.2.i586.rpm
 59efbacd16cd43b769194eebd86b9aa8  mes5/i586/libfreeradius1-2.1.0-3.2mdvmes5.2.i586.rpm
 c22ae710c958e08cd230f90b4a8dd02d  mes5/i586/libfreeradius-devel-2.1.0-3.2mdvmes5.2.i586.rpm 
 cc1524d78d985dcfe1cc52e0c4167c53  mes5/SRPMS/freeradius-2.1.0-3.2mdvmes5.2.src.rpm

MBS1 x86_64

 0057f36548b76ab4309513af32189a7a  mbs1/x86_64/freeradius-2.1.12-9.2.mbs1.x86_64.rpm
 bf926a73a78b4d71ed289882174faff0  mbs1/x86_64/freeradius-krb5-2.1.12-9.2.mbs1.x86_64.rpm
 2a4d779f740e148179a2fa47f6b5d11a  mbs1/x86_64/freeradius-ldap-2.1.12-9.2.mbs1.x86_64.rpm
 6194d14adfb3a1be7098d6a80c68666c  mbs1/x86_64/freeradius-mysql-2.1.12-9.2.mbs1.x86_64.rpm
 aa9d2789f6ba9ef13ddcbd8f1401053b  mbs1/x86_64/freeradius-postgresql-2.1.12-9.2.mbs1.x86_64.rpm
 dced45a8d3116fda640cbf87a92045d9  mbs1/x86_64/freeradius-sqlite-2.1.12-9.2.mbs1.x86_64.rpm
 6334b8e46550b4386845e965de3ddd6e  mbs1/x86_64/freeradius-unixODBC-2.1.12-9.2.mbs1.x86_64.rpm
 7c50512bed1debd14c01ac39a23664a0  mbs1/x86_64/freeradius-web-2.1.12-9.2.mbs1.x86_64.rpm
 180924551409613494f9d37e171981bd  mbs1/x86_64/lib64freeradius1-2.1.12-9.2.mbs1.x86_64.rpm
 aa658a202d8dfa5d34126b548206afb9  mbs1/x86_64/lib64freeradius-devel-2.1.12-9.2.mbs1.x86_64.rpm 
 d71925925b1416ea729b8b85c7f0919c  mbs1/SRPMS/freeradius-2.1.12-9.2.mbs1.src.rpm

MES5 x86_64

 56840a173c160cba06a7fb7c80ddb64f  mes5/x86_64/freeradius-2.1.0-3.2mdvmes5.2.x86_64.rpm
 0941ddc851295f4925de5f583da68475  mes5/x86_64/freeradius-krb5-2.1.0-3.2mdvmes5.2.x86_64.rpm
 e4af5670c6cab9b67add4e70aed3b684  mes5/x86_64/freeradius-ldap-2.1.0-3.2mdvmes5.2.x86_64.rpm
 25df0aba6eee4288d21ecda61c30b778  mes5/x86_64/freeradius-mysql-2.1.0-3.2mdvmes5.2.x86_64.rpm
 b9ccf0bc86cdc0b3cd05bfa4fabacf2a  mes5/x86_64/freeradius-postgresql-2.1.0-3.2mdvmes5.2.x86_64.rpm
 7826a0387961c9d212be1532f2455664  mes5/x86_64/freeradius-unixODBC-2.1.0-3.2mdvmes5.2.x86_64.rpm
 d20ac56207ef50426beaea46e1196c63  mes5/x86_64/freeradius-web-2.1.0-3.2mdvmes5.2.x86_64.rpm
 1dad7dd1a4b40a99c21edc8598b7aeea  mes5/x86_64/lib64freeradius1-2.1.0-3.2mdvmes5.2.x86_64.rpm
 047d0222be6c58c6757fb63c4489e91e  mes5/x86_64/lib64freeradius-devel-2.1.0-3.2mdvmes5.2.x86_64.rpm 
 cc1524d78d985dcfe1cc52e0c4167c53  mes5/SRPMS/freeradius-2.1.0-3.2mdvmes5.2.src.rpm

Referenzen