freeradius2: bump to 2.2.10
- Fix multiple security issues. See http://freeradius.org/security/fuzzer-2017.html Thanks to Guido Vranken for working with us to discover the issues and test the fixes. - FR-GV-207 Avoid zero-length malloc() in data2vp(). - FR-GV-206 correct decoding of option 60. - FR-GV-205 check for "too long" WiMAX options. - FR-GV-204 free VP if decoding fails, so we don't leak memory. - FR-GV-203 fix memory leak when using decode_tlv(). - FR-GV-202 check for "too long" attributes. - FR-GV-201 check input/output length in make_secret(). - FR-AD-001 Use strncmp() instead of memcmp() for bounded data. - Disable in-memory TLS session caches due to OpenSSL API issues. - Allow issuer_cert to be empty. - Look for extensions using correct index. - Fix types. - Work around OpenSSL 1.0.2 problems, which cause failures in TLS-based EAP methods. - Revert RedHat contributed bug which removes run-time checks for OpenSSL consistency. - Allow OCSP responder URL to be later in the packet Fix by Ean Pasternak. - Catch empty subject and non-existent issuer cert in OCSP Fix by Ean Pasternak. - Allow non-FIPS for MD5 Fix by Ean Pasternak. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This commit is contained in:
Zoltan HERPAI
parent
520ac45ca8
commit
1657a09a2d
1 changed files with 2 additions and 2 deletions
|
|
@ -8,14 +8,14 @@
|
|||
include $(TOPDIR)/rules.mk
|
||||
|
||||
PKG_NAME:=freeradius2
|
||||
PKG_VERSION:=2.2.9
|
||||
PKG_VERSION:=2.2.10
|
||||
PKG_RELEASE:=1
|
||||
|
||||
PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
|
||||
PKG_SOURCE_URL:=\
|
||||
ftp://ftp.freeradius.org/pub/freeradius/ \
|
||||
ftp://ftp.freeradius.org/pub/freeradius/old/
|
||||
PKG_MD5SUM:=d1398327ba4e23c75da06d8a0e01096b
|
||||
PKG_MD5SUM:=f1ce12d2b8258585cb3d525f5bdfeb17
|
||||
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
|
||||
PKG_LICENSE:=GPL-2.0
|
||||
PKG_LICENSE_FILES:=COPYRIGHT LICENSE
|
||||
|
|
|
|||
Loading…
Reference in a new issue