Headline

RHSA-2023:2870: Red Hat Security Advisory: freeradius:3.0 security update

An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

CVE-2022-41859: In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.
CVE-2022-41860: In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.
CVE-2022-41861: A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #linux #red_hat #perl #ldap #auth #ibm #postgres

Synopsis

Moderate: freeradius:3.0 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network.

Security Fix(es):

freeradius: Information leakage in EAP-PWD (CVE-2022-41859)
freeradius: Crash on unknown option in EAP-SIM (CVE-2022-41860)
freeradius: Crash on invalid abinary data (CVE-2022-41861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

BZ - 2078483 - CVE-2022-41859 freeradius: Information leakage in EAP-PWD
BZ - 2078485 - CVE-2022-41860 freeradius: Crash on unknown option in EAP-SIM
BZ - 2078487 - CVE-2022-41861 freeradius: Crash on invalid abinary data

References

https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

Red Hat Enterprise Linux for x86_64 8

SRPM

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.src.rpm

SHA-256: 51d6c92c801d572e0b59f2367010f0cc511f7281be02450bbd80d8756294fae8

x86_64

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 423cf1cbec8d6748dcb06bd90751c064a1f0632e805212e950ac3c5d776ce574

freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: b8b59f9489587e65cb2d6c29cf3b08b4b5852966753aac6b2924d045aa166d95

freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 3792055ed98afe978d9004e065b7adf0eb60231ceec5c428bd81592784e57a67

freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 51b028811e9b0adddfea47be687655d45719cf054c37135313603de5ba7f2ff0

freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: a34fdfce8a268e8a99f5cf0a69ee63ac81c92d84d4fff36e1d5269789ba1e7cc

freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 6a16a52a54c5d01c0a997b4fd3019437ba4fb9c7d50ed877d6bbd061eea81176

freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: e6f091cfa21053410a8c9b8c0dd252ced3e3ae6d476b2bafe4bd8ea9391a7fc8

freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 5055bd092705598fa00176877932c007c89a826cb67fcbe976c64ac1cc52192e

freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 40c2c032221e55d3f5e96da0ee58c1fea5bfb59e1df3b6467b6371fc084b39c1

freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 43114b9010be4d6280ec59f986e643fdeef58bf7f4e5aa623d3d63b476b8ba2b

freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: dc137bf82d5a39f0ac6d2993ddf432d89f6b3699c7b6b32b9e8847a528104b27

freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 2f443c4549ba277d8aa4647c1af40f8174588ba11510a43706932d58f38d348f

freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: b876bbe552a0bd57e352c40703db6c42a643a274586b09ee517dd8c07e35d5b1

freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: db0bdc0f70735d17a98bfbf6f0e46d10554dcb4ba22495b51d397782e2406dc7

freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 06ad1f576bde75a3a9d3bf8e966315b059c41804a1b3f86839639f5ec3cf8038

freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 6e1e02eca6a360199b10421bc46755aa5267d592d002757149eb0ade47de840a

freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 2838dc1d98dfe5c838cf25ef61cab68968e3bdc4180906fe3b32388e1aefd507

freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 53e580d6c3ae43bd0edf445aca48e74022b3d47bf822814f596d3868f19cc5c9

freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: f94ed7b7134135f0aa81399aafbfb134329379ca8f30683a2dac6e10e3fe7a4c

freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 1f5337b74a3787cc56f5ad5f9346d5c9d1a62db2d52a4c2cdf2e5920db96a1d4

freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: ef38c080511c45b5b51974bb0a5d0b9b4ef7c2cd4e4f4e47441c620581e0fec4

freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 234d0878e907b5cebadc1057a47d068f44d5210ab3755f8c8c3277ad8095e13a

freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 3a82157ec5fad876909ce1bd46a4943b4ca99f2e53cbe9aa0ee526f30baedce4

python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 6e46ba9205d569dcc349b3c21d3784e5e72b38ccee569c316779bff8fbd70b74

python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.x86_64.rpm

SHA-256: 39cc6982f9c2f69599310e743d6b86ae548c85594523042afef6caabd642c780

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.src.rpm

SHA-256: 51d6c92c801d572e0b59f2367010f0cc511f7281be02450bbd80d8756294fae8

s390x

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 2a47661c56aa71c442d13757761dfd80e78adfdfe45a7fa96f105d26533ab4f2

freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 0b21971580418b57f515b7b2f43390cce5c0c9cb9743cd62d1efdec3133e5576

freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 2a2a2ac007d0864fb67e1ff5543ae394abdb566701b62c8c3ce84852dabc4cba

freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 4b71b3a34dded6c1d89f108123ef3e587e692f558c956aae241b5f9765b33398

freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: da7782e1135e68bf475cfa522cf9ae00cad9073876eb7a9e77d71612b554f877

freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 3519d43ef11ae591978907938076485d163cc3ab91878ffa98651ef8bb5f5cfc

freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: e7382c0d0ee881b49814fccdb09229f16ac6455656e6fd6a3fd4c17ff13e798b

freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: c2aa65b3900367b9da75db87131123443b6f0ba2da1774ea1a083c6452d689f8

freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 41de7c74e011c363a86fbe787200bd7fffb011470f81e286f9f688d84248a287

freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: c6779fdc01252faac93e6d0b58bd7bf37b5b86c5c431025a44f654d9ce3fe494

freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 4b746696581193e9899500d545987a0b74cd31558855352a0970d89d50f6c8e6

freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: e92e250eb62c895b86f04370dd0507eeaa334807691796006bb86a3038bc5b45

freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: c17aa5d1cfb616e35d96bfe3e3d1ae9b17d4a0d6acab14e2e6f9b3c860a26df1

freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 214a463d282beaa2d10bfecc5845e0d3877ffead1246585f1f1c9982ba592103

freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 1b923304fce79443f6a6907f4f16748fccf5fb41f0bbeb821ab11e5e09fcf0b4

freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 0deed33106d03b70191bc26bd5e68fa718a5fa18f85962db1701741743a386e5

freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: c09ddd7cd9aa0b4518ee3eb051f2302bef1e95709e403d67c7f0c57ca872001b

freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 4f0ad6d0fc1add7943cd4039075831a52d21fe705ba0639e40c265a1c3cb3cda

freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: ff06a79738fa2a3a971a984a9807ac34a738242936a07b9f69f5fb3d607f1cfb

freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 3e17233af8c94546516ec49b708e7ec3dcb85de5588fef4b17746dc0286c61a5

freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 759292d5ee9b4721e437e76e597f41834000d189740f95e31780024995a27bbb

freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: af9d002aae1616e2be87acc43fca2e51e3124f29dd8ccb8dc53fde5cc6d37ca4

freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 83e733cf93782ef15e497fcfe1d5efd61a6b4213e0739e5fa357784374c7b313

python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 6432ddccdd32b22689702c195fb6d94b31459ae3ede9e11ab4f8c6605cb7b26f

python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.s390x.rpm

SHA-256: 9d3d4d3dad0460bfd776b43a785a883903777063af99dd6a30971dbe7b75959c

Red Hat Enterprise Linux for Power, little endian 8

SRPM

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.src.rpm

SHA-256: 51d6c92c801d572e0b59f2367010f0cc511f7281be02450bbd80d8756294fae8

ppc64le

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 8d8599b1ec9a75e9a20001281cb3eb15b4f02f72756b53a9b70e8e5810e21cbe

freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 055fea853c0e6c81cdf3a046ec03679342d52dfc224c79762aefc4f534457f8c

freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 6b3dcff149bdfeae561a45518f237bb6abd38983c305c5086ee8bec78c4e14d7

freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 287c33da8c5c6f8d20acbe2d5316cd1bb5d335ba584309a3410fc8e8cf1c095d

freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: c193bb33d78ddebdb0116aece941267d55a54c32b23749a417ff3574d8485515

freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 57d2d3c448e5463c3b2f0da0bea9c0b99d9f46848d3ca283b8cc36d1c729f7ce

freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 1b73e1bf1fe808efaabd440b09a94b2de51e4b82ee071c7cf6e0fb2578d8d67b

freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 58d2ef62d3f074f59b353a59ed9f3a5ec86cb10c250af12e09019012ca1dc5fc

freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 3ad23e151b96d40ffe4b1b7b124c169ceebd3397ebe12a87327a7fa4d91920c7

freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 1b542f1cc59a5f6e1335c44802380b274512652dec4c40ac4b15e20a64738eae

freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 68b1f5eeefda7aaae365ee3f4ac0abf9ed42097c5def89bec73c0c76f5936d0c

freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 979907008f3622db038f83678ab394f7aeb1f597d1f93dc3028207af936a2fb1

freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: d2f2a76e7ae1058f272cea30be7d582141ecb2150a7dae7d939d0e1b21e0e635

freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 1fa0b87d6467ee0ea6a224477d9dcdd2f7ceaf4a563c2fad5efac1cf1886fa6f

freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 008edc6ca6b89087194a7ab7b0b4eca5bacd60bb5a7fb194bc82d34de5def486

freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: d2cf6cc988e85caf95bbfd587948a3fd5cf19e08d4caa4d14552aebc138bd65a

freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 58e64d200c08cbbbc0e69ea4b2252b4ba968211d04a68998d18c66e6e025fe03

freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: de88f549e59f2d4bbce681a0afa96a86aeb8ee76a01eb9939b2eb8aed3aaf737

freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: d8ad8078b4662a1b2e82645277b34ea17786fded94523480725e63816108f943

freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 072e844a76498bddd4cdc8dfaf5834e49e7785d25ace097a48377a38602d4dcd

freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 41edfe7c04bd07764bd49dc4e15198e990eacf3511656874a5fdf4928bfd44a8

freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 53cf36068590ef8e943d5d296440fef6e02c8c4ba84ce480987b99d0a4e71621

freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 4eedb8a83f42aa8248ddd7dbed71e4f1e2e3962afba2574919a099c26b3d9665

python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 44affb32d98e367df53859a9bf840e63b1a1b561cc4e27160872034b04e7aa2e

python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.ppc64le.rpm

SHA-256: 87aa8aa0c934c0bcdc99c904ae8e17cef7ba8340ce17720a4f8b28b713149699

Red Hat Enterprise Linux for ARM 64 8

SRPM

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.src.rpm

SHA-256: 51d6c92c801d572e0b59f2367010f0cc511f7281be02450bbd80d8756294fae8

aarch64

freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: b25274fad41103b027953d4a46d0378c5ea24b28ac410fc9d29c6a99aa3cf3f4

freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 3f7f8b9f9b27126a66bd8cf916c74fcde8cae6cad4a101b954b1734923a097a0

freeradius-debugsource-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 10510adfa9ac1ad9e7101dffdbb0861c843c2f825551f4a64539d672e3cd4229

freeradius-devel-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: c613ae2b540228271b78d3f81af16994545323052bb3a42f0e59e43d0b847eb8

freeradius-doc-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 42cb2905227bed6d8a1af596463f40c132615e129d2db498e3eec8a59b2cc0f0

freeradius-krb5-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 06e8bb3560cfd098b6422f514f6db5028a8b334598d692f4238ec2374482a0e2

freeradius-krb5-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 13dfc29762201e3cb292d0484a3a720cede90bf922925957538fe506a65c31f0

freeradius-ldap-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 211798d965ce13c84e1be74bab1ba74c4165956c582a1c02717892daa62f29f0

freeradius-ldap-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 067d15efbf59b453891bc5ead7f85a72bcb45018ca88f63f9b4a1172adf5c4c9

freeradius-mysql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 9b014a9f0634e08f0739f2c65a54420885dbb5a1e126bde21176895c7a5a7122

freeradius-mysql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 9bb0bd815716410790c60941db92e415bbf4d72e0fd1ee5f0889a3233b148c57

freeradius-perl-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: d4561316065f5159634481657dc5a6ee507908c9e3ffacf192f618e8014740e8

freeradius-perl-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 8d2d2143d09721235df29d57aa85e5e0a821ba5d1ff210a29d8f4384e2df4d9b

freeradius-postgresql-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 06b84c427e0fe389b5b87769dacd7bdd15439748d9e03a95b983925a31009176

freeradius-postgresql-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 58cd64ea168c4d9eb8b6520000abeba3d52e4a35d5a4701064b8d184315fe755

freeradius-rest-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 32b6c52e771688fb5e825931e199273ce2e45c53b17021b601d46dab49f5277c

freeradius-rest-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: cef14e82ec367f1aeb1c347df63acde78b9f253ca542914c1859ca620594a1e4

freeradius-sqlite-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 3601cb6f511389ce2334069e5f8140f67f1eb97ee24932e9eb5a776e25bfd34f

freeradius-sqlite-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 00cf55d7f2eb7e95a1a1d7a411fc2573c722bce9a5d2275b718bd6c30d025669

freeradius-unixODBC-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: ebfef020377112f707f2c56b8dde57c5b3b15e00fbc84230b42ea91daee523c2

freeradius-unixODBC-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 44f7abfb1fc82152a608163b1eae037070e439552348523cb29c29c3a73561d2

freeradius-utils-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 3bed1485c6d574b60a31e35030bd8337243e270f724e127bc88f3a56fb685d47

freeradius-utils-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 96e2577d8ad0f12363dca37a4ddb84aa81d147fb6e7db0fcc753d236867eceef

python3-freeradius-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: a4f5865d01d6ab2be832a840631a79aef89e8301c0c34e9d614e69f47c0788b2

python3-freeradius-debuginfo-3.0.20-14.module+el8.8.0+17558+3f8a93b9.aarch64.rpm

SHA-256: 4547694de6b0db01de07cd5a1f098c10a635b699926f0e61adb0547c1f0e01fc

Related news

Red Hat Security Advisory 2023-2870-01

Red Hat Security Advisory 2023-2870-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Issues addressed include an information leakage vulnerability.

1 year ago

Packet Storm

Open in Source

#sql #vulnerability #linux #red_hat #js #perl #ldap #auth #postgres

RHSA-2023:2166: Red Hat Security Advisory: freeradius security and bug fix update

An update for freeradius is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41859: In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. * CVE-2022-41860: In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictio...

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #linux #red_hat #perl #ldap #auth #ibm #postgres

RHSA-2023:2166: Red Hat Security Advisory: freeradius security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #linux #red_hat #perl #ldap #auth #ibm #postgres

RHSA-2023:2166: Red Hat Security Advisory: freeradius security and bug fix update

1 year ago

Red Hat Security Data

Open in Source

#sql #vulnerability #linux #red_hat #perl #ldap #auth #ibm #postgres

CVE-2022-41859: port fixes from master · FreeRADIUS/freeradius-server@9e5e8f2

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

1 year ago

CVE

Open in Source

#mac

CVE-2022-41860: it's probably wrong to be completely retarded. Let's fix that. · FreeRADIUS/freeradius-server@f1cdbb3

In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash.

1 year ago

CVE

Open in Source

#auth

CVE-2022-41861: manual port of commit 5906bfa1 · FreeRADIUS/freeradius-server@0ec2b39

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash.

1 year ago

CVE

Open in Source

Ubuntu Security Notice USN-5785-1

Ubuntu Security Notice 5785-1 - It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unknown SIM option sent by EAP-SIM supplicant. An attacker could possibly use this issue to cause a denial of service on the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

1 year ago

Packet Storm

Open in Source

#vulnerability #ubuntu #dos #git

Ubuntu Security Notice USN-5785-1

1 year ago

Packet Storm

Open in Source

#vulnerability #ubuntu #dos #git