Skip to content

CentOS 7 - Updates for x86_64: system environment/daemons: freeradius

freeradius - High-performance and highly configurable free RADIUS server

License: GPLv2+ and LGPLv2+
Vendor: CentOS
The FreeRADIUS Server Project is a high performance and highly configurable
GPL'd free RADIUS server. The server is similar in some respects to
Livingston's 2.0 server.  While FreeRADIUS started as a variant of the
Cistron RADIUS server, they don't share a lot in common any more. It now has
many more features than Cistron or Livingston, and is much more configurable.

FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
protocol, as defined in RFC 2865 (and others). It allows Network Access
Servers (NAS boxes) to perform authentication for dial-up users. There are
also RADIUS clients available for Web servers, firewalls, Unix logins, and
more.  Using RADIUS allows authentication and authorization for a network to
be centralized, and minimizes the amount of re-configuration which has to be
done when adding or deleting new users.


freeradius-3.0.13-15.el7.x86_64 [1.1 MiB] Changelog by Alexander Scheel (2020-04-16):
- Fixes EAP-PWD: DoS issues due to multithreaded BN_CTX access
  Resolves: bz#1818808

  * Fri Feb 7 2020 Alexander Scheel <> - 3.0.13-14
- Fixes receiving of multiple RADIUS packets under load
  Resolves: bz#1630684
freeradius-3.0.13-10.el7_6.x86_64 [1.1 MiB] Changelog by Alexander Scheel (2019-04-25):
- Fixes two EAP-PWD security issues
  Resolves: bz#1699413 authentication bypass with an invalid curve attack
freeradius-3.0.13-9.el7_5.x86_64 [1.1 MiB] Changelog by Nikolai Kondrashov (2018-02-22):
- Fix double free in rlm_sql acct_redundant
  Resolves: Bug#1551069 Radius service crashes with "Bad talloc magic value -
                        unknown value" when using module sql rlm_sql
freeradius-3.0.13-8.el7_4.x86_64 [1.1 MiB] Changelog by Nikolai Kondrashov (2017-07-17):
- Avoid misinterpreting zero-size malloc in data2vp_extended() fix.
- Related: Bug#1469414 CVE-2017-10984 freeradius: Out-of-bounds write in
freeradius-3.0.13-6.el7.x86_64 [1.1 MiB] Changelog by Nikolai Kondrashov (2017-06-15):
- Avoid race condition when creating session cache file
  Resolves: Bug#1458746 CVE-2017-9148 freeradius: TLS resumption
                        authentication bypass
freeradius-3.0.4-8.el7_3.x86_64 [986 KiB] Changelog by Nikolai Kondrashov (2017-06-15):
- Disable internal OpenSSL cache and fix session cache file permissions.
  Resolves: Bug#1459131 CVE-2017-9148 freeradius: TLS resumption
                        authentication bypass
freeradius-3.0.4-7.el7_3.x86_64 [986 KiB] Changelog by Nikolai Kondrashov (2016-11-14):
- Rename lt_ symbols to fr_ to avoid clashes with libltdl.
  Resolves: Bug#1394787
freeradius-3.0.4-6.el7.x86_64 [985 KiB] Changelog by Nikolai Kondrashov (2014-12-26):
- Don't remove backslash from unknown escape sequences in LDAP values.
  Resolves: Bug#1173526
- Improve dhcpclient and rad_counter online help.
  Resolves: Bug#1146966
- raddb: Move trigger.conf INCLUDE before modules, making it easier to refer
  to trigger variables from module configurations.
  Resolves: Bug#1155961
- Fix ipaddr option fallback onto ipv6.
  Resolves: Bug#1168868
- raddb: Comment on ipaddr/ipv4addr/ipv6addr use.
  Resolves: Bug#1168247

Listing created by repoview