Ubuntu

“radsecproxy” 1.4-1+squeeze1build0.11.10.1 source package in The Oneiric Ocelot

Publishing history

1.4-1+squeeze1build0.11.10.1
PUBLISHED: Oneiric pocket Updates in component universe and section net
  • Published on 2012-11-21
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
1.4-1+squeeze1build0.11.10.1
PUBLISHED: Oneiric pocket Security in component universe and section net
  • Published on 2012-11-21
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

radsecproxy (1.4-1+squeeze1build0.11.10.1) oneiric-security; urgency=low

  * fake sync from Debian

radsecproxy (1.4-1+squeeze1) stable-security; urgency=high

  * Backport two security fixes from 1.6.1/1.6.2:
    - When verifying clients, don't consider config blocks with CA settings
      ('tls') which differ from the one used for verifying the certificate
      chain (RADSECPROXY-43, CVE-2012-4523). Reported by Ralf Paffrath.
    - Fix the issue with verification of clients when using multiple 'tls'
      config blocks for DTLS too (RADSECPROXY-43, CVE-2012-4566). Reported by
      Raphael Geissert.
 -- Marc Deslauriers <email address hidden>   Wed, 21 Nov 2012 09:43:00 -0500