-
freeradius (3.0.16+dfsg-3ubuntu1.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Bypass authentication
- debian/patches/CVE-2019-11234-and-2019-11235-*.patch: fix
by assuring the received scalar lies within the valid
range, and by checking that the received element is not the
point at infinity and lies on the elliptic curve being used
in src/modules/rlm_eap/types/rlm_eap_pwd/eap_pwd.c.
- CVE-2019-11234
- CVE-2019-11235
-- <email address hidden> (Leonidas S. Barbosa) Wed, 17 Apr 2019 10:17:33 -0300
-
freeradius (3.0.16+dfsg-3ubuntu1) cosmic; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/control: drop b-d on collectd, as it is in universe.
freeradius (3.0.16+dfsg-3) unstable; urgency=medium
* Change default /etc/freeradius permission from 2751 to 2750 (Closes: #890933)
freeradius (3.0.16+dfsg-2) unstable; urgency=medium
* Remove sites-enabled/* from freeradius-config (Closes: #889593)
-- Steve Langasek <email address hidden> Sat, 05 May 2018 07:00:18 +0200
-
freeradius (3.0.16+dfsg-1ubuntu3) bionic; urgency=medium
* No-change rebuild against libcurl4
-- Steve Langasek <email address hidden> Wed, 28 Feb 2018 06:51:17 +0000
