"Alan DeKok" <[EMAIL PROTECTED]> wrote: > > Is there a patch that covers this? If so, we can get guys to take the > > security hold off of the port. If not, is there a timeframe to fix? > > It's fixed in the latest CVS snapshot. We haven't released another > version yet.
Sorry to follow up again... I had to double-check the archives. My memory isn't what it used to be. Version 0.4 of FreeRADIUS was released in December. It has no known buffer over-runs or exploits. The FreeBSD ports collection should be upgraded to use 0.4, from: ftp://ftp.freeradius.org/pub/radius/freeradius-0.4.tar.gz If a NEWER version of the software has been released, the 0.4 version will be moved to: ftp://ftp.freeradius.org/pub/radius/old/freeradius-0.4.tar.gz Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html