freeradius (2.2.8+dfsg-0.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: read/write overflow in make_secret()
    - debian/patches/CVE-2017-10978.patch: check lengths in
      src/lib/radius.c.
    - CVE-2017-10978
  * SECURITY UPDATE: write overflow in rad_coalesce
    - debian/patches/CVE-2017-10979.patch: check for long attributes in
      src/lib/dhcp.c, src/lib/radius.c.
    - CVE-2017-10979
  * SECURITY UPDATE: memory leak in decode_tlv()
    - debian/patches/CVE-2017-10980.patch: fix memory leak in
      src/lib/dhcp.c.
    - CVE-2017-10980
  * SECURITY UPDATE: memory leak in fr_dhcp_decode()
    - debian/patches/CVE-2017-10981.patch: fix another memory leak in
      src/lib/dhcp.c.
    - CVE-2017-10981
  * SECURITY UPDATE: read overflow in fr_dhcp_decode_options()
    - debian/patches/CVE-2017-10982.patch: check for long options in
      src/lib/dhcp.c.
    - CVE-2017-10982
  * SECURITY UPDATE: read overflow when decoding option 63
    - debian/patches/CVE-2017-10983.patch: decode correct option in
      src/lib/dhcp.c.
    - CVE-2017-10983

Date: 2017-07-26 15:22:22.681909+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/freeradius/2.2.8+dfsg-0.1ubuntu0.1
Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to