Date: Thu, 23 Sep 2004 08:43:25 +1200 From: Andrew Thompson <andy@fud.org.nz> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/72012: [maintainer-update] security update for net/freeradius Message-ID: <20040922204325.GA24831@thingy.tbd.co.nz> Resent-Message-ID: <200409222040.i8MKeKb7023410@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 72012 >Category: ports >Synopsis: [maintainer-update] security update for net/freeradius >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Wed Sep 22 20:40:19 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Andrew Thompson >Release: FreeBSD 5.2-CURRENT i386 >Organization: <organization of PR author (multiple lines)> >Environment: System: FreeBSD nhs1.fire.org.nz 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Wed Aug 11 12:00:31 NZST 2004 thompsa@nhs1.fire.org.nz:/usr/obj/usr/src/sys/NHS1 i386 <machine, os, target, libraries (multiple lines)> >Description: Update to 1.0.1 for the following bug-fixes. (no functionality changes) *Please commit before 5.3* Denial-of-Service Security Fix * Fix two remote crashes and a memory leak in RADIUS packet decoding. Bug fixes. * Fix premature "success" during EAP/TLS handshake. * Dictionary handling now complains about identically named values with different values, and rejects dictionary entries with bad data * Update dictionaries to deal with the above change. >How-To-Repeat: <code/input/activities to reproduce the problem (multiple lines)> >Fix: diff -urN net/freeradius.orig/Makefile net/freeradius/Makefile --- net/freeradius.orig/Makefile Thu Sep 23 08:23:51 2004 +++ net/freeradius/Makefile Thu Sep 23 08:24:11 2004 @@ -6,7 +6,7 @@ # PORTNAME= freeradius -PORTVERSION= 1.0.0 +PORTVERSION= 1.0.1 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/radius/ \ ftp://ftp.Awfulhak.org/pub/radius/ diff -urN net/freeradius.orig/distinfo net/freeradius/distinfo --- net/freeradius.orig/distinfo Thu Sep 23 08:23:51 2004 +++ net/freeradius/distinfo Thu Sep 23 08:24:58 2004 @@ -1,2 +1,2 @@ -MD5 (freeradius-1.0.0.tar.gz) = 4755295e786c2d119c6749cc4dc66e10 -SIZE (freeradius-1.0.0.tar.gz) = 2199631 +MD5 (freeradius-1.0.1.tar.gz) = abc30cb71367f859ceed4de6477cd59f +SIZE (freeradius-1.0.1.tar.gz) = 2237745 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040922204325.GA24831>