ports/72012: [maintainer-update] security update for net/freeradius
Andrew Thompson
andy at fud.org.nz
Wed Sep 22 20:40:25 UTC 2004
>Number: 72012
>Category: ports
>Synopsis: [maintainer-update] security update for net/freeradius
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Wed Sep 22 20:40:19 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Andrew Thompson
>Release: FreeBSD 5.2-CURRENT i386
>Organization:
<organization of PR author (multiple lines)>
>Environment:
System: FreeBSD nhs1.fire.org.nz 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Wed Aug 11 12:00:31 NZST 2004 thompsa at nhs1.fire.org.nz:/usr/obj/usr/src/sys/NHS1 i386
<machine, os, target, libraries (multiple lines)>
>Description:
Update to 1.0.1 for the following bug-fixes. (no functionality changes)
*Please commit before 5.3*
Denial-of-Service Security Fix
* Fix two remote crashes and a memory leak in RADIUS packet
decoding.
Bug fixes.
* Fix premature "success" during EAP/TLS handshake.
* Dictionary handling now complains about identically named
values with different values, and rejects dictionary
entries with bad data
* Update dictionaries to deal with the above change.
>How-To-Repeat:
<code/input/activities to reproduce the problem (multiple lines)>
>Fix:
diff -urN net/freeradius.orig/Makefile net/freeradius/Makefile
--- net/freeradius.orig/Makefile Thu Sep 23 08:23:51 2004
+++ net/freeradius/Makefile Thu Sep 23 08:24:11 2004
@@ -6,7 +6,7 @@
#
PORTNAME= freeradius
-PORTVERSION= 1.0.0
+PORTVERSION= 1.0.1
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/radius/ \
ftp://ftp.Awfulhak.org/pub/radius/
diff -urN net/freeradius.orig/distinfo net/freeradius/distinfo
--- net/freeradius.orig/distinfo Thu Sep 23 08:23:51 2004
+++ net/freeradius/distinfo Thu Sep 23 08:24:58 2004
@@ -1,2 +1,2 @@
-MD5 (freeradius-1.0.0.tar.gz) = 4755295e786c2d119c6749cc4dc66e10
-SIZE (freeradius-1.0.0.tar.gz) = 2199631
+MD5 (freeradius-1.0.1.tar.gz) = abc30cb71367f859ceed4de6477cd59f
+SIZE (freeradius-1.0.1.tar.gz) = 2237745
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list