Date: Tue, 30 May 2017 17:54:07 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 219662] net/freeradius: CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass Message-ID: <bug-219662-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219662 Bug ID: 219662 Summary: net/freeradius: CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: ohartmann@walstatt.org FreeRadius < 3.0.14 suffers from a bug in the caching mechanism, as reporte= d in "CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass", as you can read here: http://seclists.org/oss-sec/2017/q2/342 There is a version 3.0.14 out, which fixes the bug. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-219662-13>