Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

openSUSE: 12.2, 12.1, 11.4 Important: Freeradius Stack Overflow

opensuse
Calendar Grey September 18, 2012
Dist Opensuse Esm H88
Important security patch for openSUSE addresses stack overflow vulnerability in freeradius. Protect your system now to avert potential problems.
An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata An update that solves one vulnerability and has one errata is ...

Description

This update of freeradius fixes a stack overflow in TLS

handling, which can be exploited by remote attackers able

to access Radius to execute code.

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 12.2:

zypper in -t patch openSUSE-2012-616

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-616

- openSUSE 11.4:

zypper in -t patch openSUSE-2012-616

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 12.2 (i586 x86_64):

freeradius-server-2.1.12-4.4.1

freeradius-server-debuginfo-2.1.12-4.4.1

freeradius-server-debugsource-2.1.12-4.4.1

freeradius-server-devel-2.1.12-4.4.1

freeradius-server-dialupadmin-2.1.12-4.4.1

freeradius-server-doc-2.1.12-4.4.1

freeradius-server-libs-2.1.12-4.4.1

freeradius-server-libs-debuginfo-2.1.12-4.4.1

freeradius-server-utils-2.1.12-4.4.1

freeradius-server-utils-debuginfo-2.1.12-4.4.1

- openSUSE 12.1 (i586 x86_64):

freeradius-server-2.1.12-4.1

freeradius-server-debuginfo-2.1.12-4.1

freeradius-server-debugsource-2.1.12-4.1

freeradius-server-devel-2.1.12-4.1

freeradius-server-dialupadmin-2.1.12-4.1

freeradius-server-doc-2.1.12-4.1

freeradius-server-libs-2.1.12-4.1

freeradius-server-libs-debuginfo-2.1.12-4.1

freeradius-server-utils-2.1.12-4.1

freeradius-server-utils-debuginfo-2.1.12-4.1

- openSUSE 11.4 (i586 x86_64):

freeradius-server-2.1.10-8.1

freeradius-server-debuginfo-2.1.10-8.1

freeradius-server-debugsource-2.1.10-8.1

freeradius-server-devel-2.1.10-8.1

freeradius-server-...

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2012-3547.html

https://login.microfocus.com/nidp/app/login?sid=0

https://login.microfocus.com/nidp/app/login?sid=0

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2012:1200-1
Rating: important
Affected Products: openSUSE 12.2 openSUSE 12.1 openSUSE 11.4

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.