Format: 1.8 Date: Wed, 26 Jul 2017 10:32:39 -0400 Source: freeradius Binary: freeradius freeradius-common freeradius-utils libfreeradius2 libfreeradius-dev freeradius-krb5 freeradius-ldap freeradius-postgresql freeradius-mysql freeradius-iodbc freeradius-dbg Architecture: all amd64 Version: 2.2.8+dfsg-0.1ubuntu0.1 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: freeradius - high-performance and highly configurable RADIUS server freeradius-common - FreeRADIUS common files freeradius-dbg - debug symbols for the FreeRADIUS packages freeradius-iodbc - iODBC module for FreeRADIUS server freeradius-krb5 - kerberos module for FreeRADIUS server freeradius-ldap - LDAP module for FreeRADIUS server freeradius-mysql - MySQL module for FreeRADIUS server freeradius-postgresql - PostgreSQL module for FreeRADIUS server freeradius-utils - FreeRADIUS client utilities libfreeradius-dev - FreeRADIUS shared library development files libfreeradius2 - FreeRADIUS shared library Changes: freeradius (2.2.8+dfsg-0.1ubuntu0.1) xenial-security; urgency=medium . * SECURITY UPDATE: read/write overflow in make_secret() - debian/patches/CVE-2017-10978.patch: check lengths in src/lib/radius.c. - CVE-2017-10978 * SECURITY UPDATE: write overflow in rad_coalesce - debian/patches/CVE-2017-10979.patch: check for long attributes in src/lib/dhcp.c, src/lib/radius.c. - CVE-2017-10979 * SECURITY UPDATE: memory leak in decode_tlv() - debian/patches/CVE-2017-10980.patch: fix memory leak in src/lib/dhcp.c. - CVE-2017-10980 * SECURITY UPDATE: memory leak in fr_dhcp_decode() - debian/patches/CVE-2017-10981.patch: fix another memory leak in src/lib/dhcp.c. - CVE-2017-10981 * SECURITY UPDATE: read overflow in fr_dhcp_decode_options() - debian/patches/CVE-2017-10982.patch: check for long options in src/lib/dhcp.c. - CVE-2017-10982 * SECURITY UPDATE: read overflow when decoding option 63 - debian/patches/CVE-2017-10983.patch: decode correct option in src/lib/dhcp.c. - CVE-2017-10983 Checksums-Sha1: c1759a295327b52296ed229bd5f26132d391ca42 205852 freeradius-common_2.2.8+dfsg-0.1ubuntu0.1_all.deb a0ff7a1db0f6db09589803eeddf5d5354848e941 1027364 freeradius-dbg_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb a8e759cbccd3f0aba1ecc4d68f448500b487fbdd 992 freeradius-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb c047e85b3ba49e15787d5e387b36ac3f12bf0cd6 882 freeradius-iodbc-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 4077e26870443ab351edc1d990dbc4fba23d365c 6342 freeradius-iodbc_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 025559b6a9111be498f4666c66ec75a0e87a3615 864 freeradius-krb5-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 59f8d0a85664d0d05d782e7e1604a8f8e30dbbdd 7056 freeradius-krb5_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 5aa1419c71c9e3cf75dbf46f19b29be2f49093f2 860 freeradius-ldap-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb e73f29a0f48f8d73fe244b47eb26803b9118ba74 24224 freeradius-ldap_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb f37d96c52979dcbf7faa3c40e6592f71469a2a1a 874 freeradius-mysql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 995cba98d8dba65e74a4cc9d41d1e4b59016b726 14302 freeradius-mysql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 034a1fac2de92b7f186a91059effcc91704d9fc0 880 freeradius-postgresql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 67617a3437d0965f581c28320f97032cb7dc45ca 22502 freeradius-postgresql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 174cafe4163cd61d3cd745975eae7ccdd2b1281a 940 freeradius-utils-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 435aa39311918e27c1c8944e05330fc3902e2490 57464 freeradius-utils_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 71554aee171b4b3b897c6aa42c4739c926c0b31e 525978 freeradius_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 7ce2457903389524e107f9cea5ed5404f3da89e3 904 libfreeradius-dev-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 9dd9e43629a8784754faa178427b7ea4a945c2df 116078 libfreeradius-dev_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 1397f9d3fddef8f570924998a65abc1ac90e3a68 860 libfreeradius2-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 6adb1cd38acb681cba7f3fb178fbad3e6b327d9e 84724 libfreeradius2_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb Checksums-Sha256: 6f88440b1584f421b025ff3ba117552c548ba0a402c1e7e23b3278b09e2a25a1 205852 freeradius-common_2.2.8+dfsg-0.1ubuntu0.1_all.deb 0de8a403296d7569f8a91a11169913b0c0d8e67b57234b3ead74336ddd9d7b3d 1027364 freeradius-dbg_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb eb1aa13160ec8b6d7c2de445c93d118086fd5145950ba04a5caf306e75275e91 992 freeradius-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 2a7e30f32c3b6423384f8f949949e61f153216379f0c0adda891496e0d2310c0 882 freeradius-iodbc-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 028440d14231354f70eda3ab5061fdb5e87dfce14a2412426eea572acf6bd53c 6342 freeradius-iodbc_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 8154e7ed8b1a0a5636ccc8ae2e163eccfaf914473939fd8f77e2941a719e3791 864 freeradius-krb5-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb f01890ada4b7f3b645aacc1f29164dccb587a65e39294c9c8db39ccbf824f590 7056 freeradius-krb5_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb afbdf0fb841d5172e21eb68f938c6ffb063f88fd70ab98a8a1b911985c442cf4 860 freeradius-ldap-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb b7dd6d3fbdc32518daab9f83dc69484e608a780da3e25cae7c44291650023677 24224 freeradius-ldap_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb b9e3f2f665a1ae91da5e622d68d99df0de5ccc49f65ffaca801e49fe8d2ad375 874 freeradius-mysql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 6d84f0a7f4b572918661d4eeb2990c048f3b38d473353f5cf71c4f6cd0600e18 14302 freeradius-mysql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 7ebb5c1b08c54f67d577389ce1283f83995613add80381ac440fbddf08f1ac08 880 freeradius-postgresql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb e595863753fbf76c24a703ca0fc4d9f41fe18359c2daa5f1e0e86c4b32a47ea1 22502 freeradius-postgresql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb d3ab596001db07734ff9b31ffe24a863fe237c5b817a836a6db104a6af7a069c 940 freeradius-utils-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb e79caa66b2b1b76d56f4db0d2783a32562f93ec8ec4be33352410f02fd772412 57464 freeradius-utils_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 93d3204af1fafbc7482b089daca4cfd3a4103eeb556535bd3cd1f7847b3c49f8 525978 freeradius_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 128fd30a4f0878702bbe326bc67b84b0fb4a56489d3ae26483035b3755155299 904 libfreeradius-dev-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 1cd7cff0c93b78ec3a44c164f5280e564df42110edad504cee8159f0cd617061 116078 libfreeradius-dev_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 4e7b3e7f7e3524cbb74ff18f8d711c26075dffd67dab7b7dc65b6ac13b533c94 860 libfreeradius2-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb cdb1baac4af16a9b92c0e661511190f229b9460c0fa525e6874b42b183e1485b 84724 libfreeradius2_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb Files: 5434d7257070513bee336a93f081ed47 205852 net optional freeradius-common_2.2.8+dfsg-0.1ubuntu0.1_all.deb ef49dd3503e6fb8bad74ffda560a1852 1027364 debug extra freeradius-dbg_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb cbb0b5631709b9966bee7a087c3933a1 992 net extra freeradius-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 37b9d85817296972c337e62d8b3d25f6 882 net extra freeradius-iodbc-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 3f22fe1a32c276005a59e22bfa102e95 6342 net optional freeradius-iodbc_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 536631e3c198814bcbf039623ff9f4c4 864 net extra freeradius-krb5-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb af15528f6f9914115af58676fc6964e9 7056 net optional freeradius-krb5_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 93a62bf2a994198dd05dc821608966da 860 net extra freeradius-ldap-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 6be039bccde0c0c6478adedba702e005 24224 net optional freeradius-ldap_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 1f46ee3e9aa01114f431dbff61d63fcb 874 net extra freeradius-mysql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 0edbcc87a4c8dada423b0a58c847a3ae 14302 net optional freeradius-mysql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb ff110b3919bfaae464a745950a9942a5 880 net extra freeradius-postgresql-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb a89b318b63ee681e39d76c51c14735d4 22502 net optional freeradius-postgresql_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 00d010edbb456e260f0721b53e45ac4d 940 net extra freeradius-utils-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 85910f310145eae3117b44417e76ab55 57464 net optional freeradius-utils_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb aa5e83b0b36bf7235612fe231804a674 525978 net optional freeradius_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb 8888e81e82c7beb5bc8ff43d99f7a6c2 904 libdevel extra libfreeradius-dev-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 1e4b3480b601c7b40148f13566466ddf 116078 libdevel optional libfreeradius-dev_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb a3f25aa3d8abc047231144297bc5b6b7 860 net extra libfreeradius2-dbgsym_2.2.8+dfsg-0.1ubuntu0.1_amd64.ddeb 1ad9645103f70111e1f5a0ade1b58e12 84724 net optional libfreeradius2_2.2.8+dfsg-0.1ubuntu0.1_amd64.deb Original-Maintainer: Josip Rodin