| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: freeradius-mysql | Distribution: Trustix Secure Linux |
| Version: 1.1.6 | Vendor: Comodo Trustix |
| Release: 1tr | Build date: Mon Apr 16 14:26:30 2007 |
| Group: Trustix Official | Build host: ttrmgtnived.comodo.net |
| Size: 4414 | Source RPM: freeradius-1.1.6-1tr.src.rpm |
| Packager: Comodo Trustix <http://www.trustix.com> | |
| Url: http://www.freeradius.org | |
| Summary: MySQL bindings for freeradius | |
The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many more features than Cistron or Livingston, and is much more configurable. FreeRADIUS is an Internet authentication daemon, which implements the RADIUS protocol, as defined in RFC 2865 (and others). It allows Network Access Servers (NAS boxes) to perform authentication for dial-up users. There are also RADIUS clients available for Web servers, firewalls, Unix logins, and more. Using RADIUS allows authentication and authorization for a network to be centralized, and minimizes the amount of re-configuration which has to be done when adding or deleting new users.
GPL
* Mon Apr 16 2007 Nived Gopalan <nived at trustix dot org> 1.1.6-1tr
- New upstream.
- SECURITY Fix: A security issue has been reported in FreeRADIUS,
caused due to a memory leak within the handling of certain malformed
diameter format values inside an EAP-TTLS tunnel. This can be
exploited to exhaust all available memory by sending a large number
of malformed authentication requests to a vulnerable server.
The Common Vulnerabilities and Exposures project has assigned the
name CVE-2007-2028 to this issue.
* Wed Apr 05 2006 Nived Gopalan <nived at trustix dot org> 1.1.1-1tr
- New upstream.
- SECURITY Fix: A vulnerability has been reported in FreeRADIUS
caused due to an input validation error in the EAP-MSCHAPv2 state
machine. This can be exploited by manipulating the state machine
on a client system to bypass server authentication checks. Successful
exploitation may allow the attacker to gain network access without
requiring knowledge of logon credentials or cause the server to crash.
The Common Vulnerabilities and Exposures project has assigned the
name CVE-2006-1354 to this issue.
* Thu Oct 13 2005 Ajith Thampi <ajith at comodo dot com> 1.0.4-2tr
- enable shared now
- fix dependencies
- fix undefined symbol nscd_flush_cache breaking radiusd daemon
* Fri Jun 24 2005 Hasher J <hasher at comodo dot com> 1.0.4-1tr
- New upstream.
- Fix installation problem.
Increase a buffer size, so radrelay doesn't truncate values.
Updates in the documentation. Patches from Thor Spruyt.
- Security Fixes
Always escape the strings in the SQL module.
Check buffer bound when input character needs escaping in
the SQL module. Bug found by Primoz Bratanic.
* Thu May 19 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.0.2-5tr
- Security Fix: Potential SQL Injection and Buffer Overflow Vulnerabilities.
- A boundary error in the "sql_escape_func()" function in rlm_sql.c
can potentially be exploited to cause a buffer overflow via specially
crafted input that needs escaping.
- Missing sanitation when calling the "radius_xlat()" function in
rlm_sql.c can potentially be exploited by authenticated users to
manipulate SQL queries by injecting arbitrary SQL code.
* Wed Apr 20 2005 Ajith Thampi <ajith at comodo dot com> 1.0.2-4tr
- Rebuilt for postgresql-8.0.2
- Changed to new init priority
* Tue Apr 12 2005 Raghu <raghu at comodo dot com> 1.0.2-3tr
- Rebuilt for openldap-2.2.24
* Tue Apr 12 2005 Raghu <raghu at comodo dot com> 1.0.2-2tr
- Rebuilt for openldap-2.2.9
* Tue Apr 05 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.0.2-1tr
- Initial Spec for TSL-3.0
/usr/lib/rlm_sql_mysql.a
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon May 20 05:14:11 2013