Information on source package freeradius

Available versions

ReleaseVersion
wheezy2.1.12+dfsg-1.2
wheezy (security)2.1.12+dfsg-1.2+deb7u2
jessie2.2.5+dfsg-0.2
jessie (security)2.2.5+dfsg-0.2+deb8u1
stretch3.0.12+dfsg-5
stretch (security)3.0.12+dfsg-5+deb9u1
buster3.0.15+dfsg-2
sid3.0.15+dfsg-2

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2015-4680fixedvulnerable (no DSA)fixedfixedfixedFreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2007-0080vulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** ...

Resolved issues

BugDescription
TEMP-0000000-01E656Possible SQL injection in freeradius
CVE-2017-9148The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before ...
CVE-2017-10987An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...
CVE-2017-10986An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - ...
CVE-2017-10985An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite ...
CVE-2017-10984An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write ...
CVE-2017-10983An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...
CVE-2017-10982An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...
CVE-2017-10981An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...
CVE-2017-10980An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - ...
CVE-2017-10979An FR-GV-202 issue in FreeRADIUS 2.x before 2.2.10 allows "Write ...
CVE-2017-10978An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before ...
CVE-2015-8764Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through ...
CVE-2015-8763The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote ...
CVE-2015-8762The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote ...
CVE-2014-2015Stack-based buffer overflow in the normify function in the rlm_pap ...
CVE-2012-3547Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS ...
CVE-2011-4966modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode ...
CVE-2011-2701The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when ...
CVE-2010-3697The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x ...
CVE-2010-3696The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in ...
CVE-2010-0524The default configuration of the FreeRADIUS server in Apple Mac OS X ...
CVE-2009-3111The rad_decode function in FreeRADIUS before 1.1.8 allows remote ...
CVE-2008-4474freeradius-dialupadmin in freeradius 2.0.4 allows local users to ...
CVE-2007-2028Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ...
CVE-2006-1354Unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows ...
CVE-2005-4746Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote ...
CVE-2005-4745SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS ...
CVE-2005-4744Off-by-one error in the sql_error function in sql_unixodbc.c in ...
CVE-2005-1455Buffer overflow in the sql_escape_func function in the SQL module for ...
CVE-2005-1454SQL injection vulnerability in the radius_xlat function in the SQL ...
CVE-2004-0961Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to ...
CVE-2004-0960FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of ...
CVE-2004-0938FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of ...
CVE-2003-0968Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb ...
CVE-2003-0967rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to ...

Security announcements

DSA / DLADescription
DLA-1064-1freeradius - security update
DSA-3930-1freeradius - security update
DSA-3930-1freeradius - security update
DLA-977-1freeradius - security update
DSA-2546-1freeradius - code execution
DSA-1145-1freeradius - several
DSA-1089-1freeradius - several vulnerabilities

Search for package or bug name: Reporting problems