Skip to content

"SLC6X: system environment/daemons: freeradius

freeradius - High-performance and highly configurable free RADIUS server

Website: http://www.freeradius.org/
License: GPLv2+ and LGPLv2+
Vendor: Scientific Linux CERN, http://cern.ch/linux
Description:
The FreeRADIUS Server Project is a high performance and highly configurable
GPL'd free RADIUS server. The server is similar in some respects to
Livingston's 2.0 server.  While FreeRADIUS started as a variant of the
Cistron RADIUS server, they don't share a lot in common any more. It now has
many more features than Cistron or Livingston, and is much more configurable.

FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
protocol, as defined in RFC 2865 (and others). It allows Network Access
Servers (NAS boxes) to perform authentication for dial-up users. There are
also RADIUS clients available for Web servers, firewalls, Unix logins, and
more.  Using RADIUS allows authentication and authorization for a network to
be centralized, and minimizes the amount of re-configuration which has to be
done when adding or deleting new users.

Packages

freeradius-2.2.6-7.el6_9.i686 [1.5 MiB] Changelog by Nikolai Kondrashov (2017-07-11):
- Resolves: Bug#1469115 CVE-2017-10979 freeradius: Out-of-bounds write in
                        rad_coalesce()
- Resolves: Bug#1469118 CVE-2017-10978 freeradius: Out-of-bounds read/write
                        due to improper output buffer size check in make_secret()
- Resolves: Bug#1469120 CVE-2017-10980 freeradius: Memory leak in decode_tlv() 
- Resolves: Bug#1469122 CVE-2017-10981 freeradius: Memory leak in
                        fr_dhcp_decode()
- Resolves: Bug#1469124 CVE-2017-10982 freeradius: Out-of-bounds read in
                        fr_dhcp_decode_options()
- Resolves: Bug#1469126 CVE-2017-10983 freeradius: Out-of-bounds read in
                        fr_dhcp_decode() when decoding option 63
freeradius-2.2.6-6.el6_7.i686 [1.5 MiB] Changelog by Nikolai Kondrashov (2015-09-10):
- Fix EAP-TTLS/CHAP/MSCHAP/MSCHAPv2 authentication with WPA supplicant v2.4
  Related: Bug#1254176 FreeRADIUS 2.2.6 miscalculates MPPE keys with TLS 1.2
freeradius-2.2.6-4.el6.i686 [1.5 MiB] Changelog by Nikolai Kondrashov (2015-02-12):
- Move OpenSSL init out of version check
  Resolves: Bug#1189394 radiusd segfaults after update
- Comment-out ippool-dhcp.conf inclusion
  Resolves: Bug#1189386 radiusd fails to start after 'clean' installation
freeradius-2.1.12-6.el6.i686 [1.4 MiB] Changelog by Nikolai Kondrashov (2014-07-19):
- Fix missing braces around a condition branch in client response_window
  patch.
- Resolves: bug#1107843
freeradius-2.1.12-4.el6_3.i686 [1.4 MiB] Changelog by John Dennis (2012-09-24):
- resolves: bug#855316
  CVE-2012-3547 freeradius: Stack-based buffer overflow by processing
  certain expiration date fields of a certificate during x509 certificate
  validation
freeradius-2.1.12-3.el6.i686 [1.4 MiB] Changelog by John Dennis (2012-04-10):
- resolves: bug#810605 Segfault with freeradius-perl threading
freeradius-2.1.10-5.el6.i686 [1.3 MiB] Changelog by John Dennis (2011-03-24):
- Resolves: #689045 Using rlm_perl cause radiusd failed to start
  Fix configure typo which caused lt_dladvise_* functions to be skipped.
  run autogen.sh because HAVE_LT_DLADVISE_INIT isn't in src/main/autogen.h
  Implemented by: freeradius-lt-dladvise.patch

Listing created by repoview