Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora Core 3: Severe OpenSSL Denial of Service Issue - FEDORA-2005-809

fedora
Calendar Grey August 25, 2005
Dist Fedora Esm H88
Enhanced FreeRADIUS version for Fedora Core 3 tackles buffer overflow and SQL injection security flaws.
Update package.

Summary

The FreeRADIUS Server Project is a high performance and highly configurable

GPL'd free RADIUS server. The server is similar in some respects to

Livingston's 2.0 server. While FreeRADIUS started as a variant of the

Cistron RADIUS server, they don't share a lot in common any more. It now has

many more features than Cistron or Livingston, and is much more configurable.

FreeRADIUS is an Internet authentication daemon, which implements the RADIUS

protocol, as defined in RFC 2865 (and others). It allows Network Access

Servers (NAS boxes) to perform authentication for dial-up users. There are

also RADIUS clients available for Web servers, firewalls, Unix logins, and

more. Using RADIUS allows authentication and authorization for a network to

be centralized, and minimizes the amount of re-configuration which has to be

done when adding or deleting new users.

- Fixed buffer overflow and possible SQL injection attacks in rlm_sql

CAN-2005-1454, CAN-2005-1455 (#156942)

9962dba5d86ccd7cda65d258c5fc26dd SRPMS/freeradius-1.0.1-2.FC3.1.src.rpm

4560108a586bc70b856f2d92f762184d x86_64/freeradius-1.0.1-2.FC3.1.x86_64.rpm

d0f7fb5fdca5e19dfbd2865c43b1372c x86_64/freeradius-mysql-1.0.1-2.FC3.1.x86_64.rpm

3b1ed183ccbe1a551873665dfa47d27b x86_64/freeradius-postgresql-1.0.1-2.FC3.1.x86_64.rpm

f774f3e506542a147a9c437fd9827f32 x86_64/freeradius-unixODBC-1.0.1-2.FC3.1.x86_64.rpm

406c64ae72f8dceb89e9feb41d441b29 x86_64/debug/freeradius-debuginfo-1.0.1-2.FC3.1.x86_64.rpm

b36869ec31ed8bfc5f65cf661aefc9ac i386/freeradius-1.0.1-2.FC3.1.i386.rpm

11bf8030e7219afe25494be0ee264d79 i386/freeradius-mysql-1.0.1-2.FC3.1.i386.rpm

61a988c6a68de067cd7062e76c09e8f8 i386/freeradius-postgresql-1.0.1-2.FC3.1.i386.rpm

b1e62440dc7bbb5754332d451d12c804 i386/freeradius-unixODBC-1.0.1-2.FC3.1.i386.rpm

1dc5d3ee6f3a76fc6e469e41df900bfd i386/debug/freeradius-debuginfo-1.0.1-2.FC3.1.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

fedora-announce-list mailing list

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory high severity fedora buffer overflow sql injection freeradius authentication server

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: freeradius
Version: 1.0.1
Release: 2.FC3.1
Summary: High-performance and highly configurable free RADIUS server.

Topics%20covered

Topics Covered

security advisory high severity fedora buffer overflow sql injection freeradius authentication server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here