Version 1.1.1 has just been released.
http://www.freeradius.org/security.html
Upgrade now, or disable EAP-MSCHAPv2. That's a bad bug.
ChangeLog:
Security fixes
* Additional state checking in the EAP-MSCHAPv2 module.
Bug found by Steffen Schuster.
Feature improvements
* More dictionary updates
* Additional tests and fixes for Digest module from Phillipe Sultan.
* Add new "phone" response mode to rlm_otp/cryptocard.
* Put the eap sessions into a tree, so that looking them up is very
fast, and no longer O(n) in the number of sessions.
* Install the schema examples for a set of backends with the rest
of the documentation.
* Add support for xlat expansion of attributes from LDAP.
Bug fixes
* Fix rlm_perl crash. (closes: #348)
* Fix handling of CoA-Request packets (close #344). Also correct
name of CoA packets.
* Fix an error on x86_64 machines when reading dictionaries.
(closes: #312)
* Fix compilation errors on FreeBSD and NetBSD because of rlm_otp
module. (closes: #314 #328)
* Workaround Cisco bug in State attribute handling in rlm_otp.
* Support LP64 for async mode in rlm_otp.
* Fix libtool problems on Debian with rlm_eap_peap and rlm_eap_ttls
modules. (closes: #75)
* Make "use_tunneled_reply" work properly for PEAP.
* Copy the whole string when getting a one-to-one-mapped attribute
from LDAP (closes: #261)
* Fix net-snmp's ucd-snmp compatibility mode.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
