CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2024/08/18 04:33:09
Modified files:
net/freeradius : Makefile distinfo
net/freeradius/patches: patch-raddb_radiusd_conf_in
patch-src_main_cb_c
patch-src_main_listen_c
patch-src_main_tls_c
net/freeradius/pkg: PLIST-main
Log message:
update to freeradius-3.2.5, has various fixes but the most important one
relates to the "blastradius" protocol vulnerability, which only affects
authentication (not accounting) traffic, using PAP/CHAP/MSCHAP directly
over UDP RADIUS.
https://www.freeradius.org/release_notes/
https://www.freeradius.org/security/
Notably, RADIUS servers only doing EAP authentication (as is the case
where they're providing auth for WPA-Enterprise wifi APs) aren't affected
by "blastradius".
This cannot be backported to 7.5-stable as other changes in the software
require libcrypto and libssl APIs that have only been added to libressl
after 7.5 release.
