freeradius (2.1.12+dfsg-1.2ubuntu8.2) trusty-security; urgency=medium
* SECURITY UPDATE: read/write overflow in make_secret()
- debian/patches/CVE-2017-10978.patch: check lengths in
src/lib/radius.c.
- CVE-2017-10978
* SECURITY UPDATE: write overflow in rad_coalesce
- debian/patches/CVE-2017-10979.patch: check for long attributes in
src/lib/dhcp.c, src/lib/radius.c.
- CVE-2017-10979
* SECURITY UPDATE: memory leak in decode_tlv()
- debian/patches/CVE-2017-10980.patch: fix memory leak in
src/lib/dhcp.c.
- CVE-2017-10980
* SECURITY UPDATE: memory leak in fr_dhcp_decode()
- debian/patches/CVE-2017-10981.patch: fix another memory leak in
src/lib/dhcp.c.
- CVE-2017-10981
* SECURITY UPDATE: read overflow in fr_dhcp_decode_options()
- debian/patches/CVE-2017-10982.patch: check for long options in
src/lib/dhcp.c.
- CVE-2017-10982
* SECURITY UPDATE: read overflow when decoding option 63
- debian/patches/CVE-2017-10983.patch: decode correct option in
src/lib/dhcp.c.
- CVE-2017-10983
Date: 2017-07-26 15:25:41.905888+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/freeradius/2.1.12+dfsg-1.2ubuntu8.2
Sorry, changesfile not available.
--
Trusty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
