Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 23 Sep 2004 08:43:25 +1200
From:      Andrew Thompson <andy@fud.org.nz>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/72012: [maintainer-update] security update for net/freeradius
Message-ID:  <20040922204325.GA24831@thingy.tbd.co.nz>
Resent-Message-ID: <200409222040.i8MKeKb7023410@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         72012
>Category:       ports
>Synopsis:       [maintainer-update] security update for net/freeradius
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 22 20:40:19 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Andrew Thompson
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
<organization of PR author (multiple lines)>
>Environment:
System: FreeBSD nhs1.fire.org.nz 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Wed Aug 11 12:00:31 NZST 2004 thompsa@nhs1.fire.org.nz:/usr/obj/usr/src/sys/NHS1 i386


	<machine, os, target, libraries (multiple lines)>
>Description:
Update to 1.0.1 for the following bug-fixes. (no functionality changes)

*Please commit before 5.3*


Denial-of-Service Security Fix
* Fix two remote crashes and a memory leak in RADIUS packet
  decoding.

Bug fixes.
* Fix premature "success" during EAP/TLS handshake.
* Dictionary handling now complains about identically named
  values with different values, and rejects dictionary
  entries with bad data
* Update dictionaries to deal with the above change.

>How-To-Repeat:
	<code/input/activities to reproduce the problem (multiple lines)>
>Fix:

diff -urN net/freeradius.orig/Makefile net/freeradius/Makefile
--- net/freeradius.orig/Makefile	Thu Sep 23 08:23:51 2004
+++ net/freeradius/Makefile	Thu Sep 23 08:24:11 2004
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	freeradius
-PORTVERSION=	1.0.0
+PORTVERSION=	1.0.1
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/radius/ \
 		ftp://ftp.Awfulhak.org/pub/radius/
diff -urN net/freeradius.orig/distinfo net/freeradius/distinfo
--- net/freeradius.orig/distinfo	Thu Sep 23 08:23:51 2004
+++ net/freeradius/distinfo	Thu Sep 23 08:24:58 2004
@@ -1,2 +1,2 @@
-MD5 (freeradius-1.0.0.tar.gz) = 4755295e786c2d119c6749cc4dc66e10
-SIZE (freeradius-1.0.0.tar.gz) = 2199631
+MD5 (freeradius-1.0.1.tar.gz) = abc30cb71367f859ceed4de6477cd59f
+SIZE (freeradius-1.0.1.tar.gz) = 2237745


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040922204325.GA24831>