freeradius-3.0.4-8.el7
エラータID: AXSA:2017-1711:02
The FreeRADIUS Server Project is a high performance and highly configurable
GPL'd free RADIUS server. The server is similar in some respects to
Livingston's 2.0 server. While FreeRADIUS started as a variant of the
Cistron RADIUS server, they don't share a lot in common any more. It now has
many more features than Cistron or Livingston, and is much more configurable.
FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
protocol, as defined in RFC 2865 (and others). It allows Network Access
Servers (NAS boxes) to perform authentication for dial-up users. There are
also RADIUS clients available for Web servers, firewalls, Unix logins, and
more. Using RADIUS allows authentication and authorization for a network to
be centralized, and minimizes the amount of re-configuration which has to be
done when adding or deleting new users.
Security issues fixed with this release:
CVE-2017-9148
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before
3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to
reliably prevent resumption of an unauthenticated session, which
allows remote attackers (such as malicious 802.1X supplicants) to
bypass authentication via PEAP or TTLS.
Update packages.
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.
N/A
SRPMS
- freeradius-3.0.4-8.el7.src.rpm
MD5: 562a957ef7e805ba5fdbeac7f568f9e5
SHA-256: d321d5bbf27c2defbaa8062b292e7ee9f5d37431c8cc83b216b8d031cb55dbed
Size: 2.79 MB
Asianux Server 7 for x86_64
- freeradius-3.0.4-8.el7.x86_64.rpm
MD5: 758247ab6d368caddc448868ec9163d2
SHA-256: 6ed182943245327957959f4e55ef787b5f624908c3d4275c29c8b42b8aa8158f
Size: 0.96 MB