rpms/freeradius/FC-6 freeradius-1.0.1-CVE-2007-2028.patch, NONE, 1.1 freeradius.spec, 1.36, 1.37
fedora-cvs-commits at redhat.com
Wed May 9 15:01:13 UTC 2007
Author: twoerner
Update of /cvs/dist/rpms/freeradius/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv16370
Modified Files:
freeradius.spec
Added Files:
freeradius-1.0.1-CVE-2007-2028.patch
Log Message:
[tw]
- fixed CVE-2007-2028: EAP-TTLS denial of service
Resolves: rhbz#236248
freeradius-1.0.1-CVE-2007-2028.patch:
ttls.c | 4 ++++
1 files changed, 4 insertions(+)
--- NEW FILE freeradius-1.0.1-CVE-2007-2028.patch ---
--- freeradius-1.0.1/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c.CVE-2007-2028 2004-04-19 22:21:19.000000000 +0200
+++ freeradius-1.0.1/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c 2007-04-25 13:44:00.000000000 +0200
@@ -255,6 +255,7 @@
DEBUG2(" rlm_eap_ttls: Invalid length attribute %d",
attr);
pairfree(&first);
+ pairfree(&vp);
return NULL;
}
memcpy(&vp->lvalue, data, vp->length);
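Review bot: the new `pairfree(&vp);` on the invalid-length path is only safe if `vp` has not yet been linked into the `first` list at this point; if it had been, `pairfree(&first)` on the line above would already have released it and this call would be a double free. The visible context does not show where `vp` is allocated or chained, so please confirm it is still a standalone pair here (the `memcpy(&vp->lvalue, data, vp->length);` that populates it only runs after this check, which suggests it is). Freeing `vp` before `first` would also make the standalone status obvious to the next reader, though either order is correct while `vp` is unlinked.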
@@ -270,6 +271,7 @@
DEBUG2(" rlm_eap_ttls: Invalid length attribute %d",
attr);
pairfree(&first);
+ pairfree(&vp);
return NULL;
}
memcpy(&vp->lvalue, data, vp->length);
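Review bot: this error path is a verbatim copy of the one patched fifteen lines earlier (same `DEBUG2(" rlm_eap_ttls: Invalid length attribute %d", attr);`, same `pairfree(&first);`, now the same `pairfree(&vp);`), and two identical length-check blocks is how the same leak ended up in the function twice. Consider a shared error exit (a label that frees `vp` and `first` and returns NULL) so the next early return added to this function cannot miss the cleanup. Same caveat as above: the added free is correct only while `vp` is not yet chained into `first`.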
@@ -340,6 +342,7 @@
(vp->length > 16)) {
DEBUG2(" TTLS: Tunneled challenge has invalid length");
pairfree(&first);
+ pairfree(&vp);
return NULL;
} else {
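Review bot: the `DEBUG2(" TTLS: Tunneled challenge has invalid length");` message would be more useful if it included the offending `vp->length`, as the attribute-length messages above do with `attr`; a challenge longer than the 16 bytes allowed by the `(vp->length > 16)` test is an interop symptom an operator will want to see in the log. The added `pairfree(&vp);` itself is consistent with the other error paths in this patch.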
@@ -353,6 +356,7 @@
if (challenge[i] != vp->strvalue[i]) {
DEBUG2(" TTLS: Tunneled challenge is incorrect");
pairfree(&first);
+ pairfree(&vp);
return NULL;
}
}
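Review bot: outside the scope of the leak fix, but worth recording: the byte-wise `if (challenge[i] != vp->strvalue[i])` returns on the first mismatch, so the time taken by this loop depends on how many leading bytes of the tunneled challenge were correct. Since the comparison runs inside the TLS tunnel against a challenge the server derived itself, the exposure is small, but a constant-time compare (accumulate the XOR of all bytes and test once after the loop) is the safer idiom and costs nothing here. The `pairfree(&vp);` addition matches the other hunks.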
Index: freeradius.spec
===================================================================
RCS file: /cvs/dist/rpms/freeradius/FC-6/freeradius.spec,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- freeradius.spec 21 Nov 2006 16:16:05 -0000 1.36
+++ freeradius.spec 9 May 2007 15:01:06 -0000 1.37
@@ -1,7 +1,7 @@
Summary: High-performance and highly configurable free RADIUS server.
Name: freeradius
Version: 1.1.3
-Release: 1.1
+Release: 2%{dist}
License: GPL
Group: System Environment/Daemons
URL: http://www.freeradius.org/
@@ -22,6 +22,7 @@
Patch10: freeradius-1.1.3-build.patch
Patch11: freeradius-1.1.2-no_sql_inc.patch
Patch12: freeradius-1.1.3-ldap.patch
+Patch13: freeradius-1.0.1-CVE-2007-2028.patch
%description
The FreeRADIUS Server Project is a high performance and highly configurable
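Review bot: `Patch13: freeradius-1.0.1-CVE-2007-2028.patch` carries a 1.0.1 version in its name while the package is `Version: 1.1.3` and the neighbouring patches are named for 1.1.3 and 1.1.2; the headers inside the patch file also reference `freeradius-1.0.1/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c`. It applies with `-p1` regardless, but the naming suggests the patch was taken from an older branch without being regenerated against the 1.1.3 tree. Renaming it to follow the freeradius-1.1.3-*.patch convention, or adding a spec comment that it is deliberately shared across branches, would make the intent clear.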
@@ -79,6 +80,7 @@
%patch10 -p1 -b .build
%patch11 -p1 -b .no_sql_inc
%patch12 -p1 -b .ldap
+%patch13 -p1 -b .CVE-2007-2028
%build
@@ -282,6 +284,10 @@
%changelog
+* Wed May 9 2007 Thomas Woerner <twoerner at redhat.com> 1.1.3-2.fc6
+- fixed CVE-2007-2028: EAP-TTLS denial of service
+ Resolves: rhbz#236248
+
* Tue Nov 21 2006 Thomas Woerner <twoerner at redhat.com> 1.1.3-1.1
- fixed ldap code to not use internals, added LDAP_DEPRECATED compile time flag
(#210912)