Synopsis: Moderate: freeradius security and bug fix update
Advisory ID: SLSA-2020:3984-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2019-10143
CVE-2019-13456
CVE-2019-17185
—
Security Fix(es):
* freeradius: privilege escalation due to insecure logrotate configuration
(CVE-2019-10143)
* freeradius: eap-pwd: Information leak due to aborting when needing more
than 10 iterations (CVE-2019-13456)
* freeradius: eap-pwd: DoS issues due to multithreaded BN_CTX access
(CVE-2019-17185)
—
SL7
x86_64
freeradius-3.0.13-15.el7.x86_64.rpm
freeradius-debuginfo-3.0.13-15.el7.x86_64.rpm
freeradius-debuginfo-3.0.13-15.el7.i686.rpm
freeradius-devel-3.0.13-15.el7.i686.rpm
freeradius-devel-3.0.13-15.el7.x86_64.rpm
freeradius-doc-3.0.13-15.el7.x86_64.rpm
freeradius-krb5-3.0.13-15.el7.x86_64.rpm
freeradius-ldap-3.0.13-15.el7.x86_64.rpm
freeradius-mysql-3.0.13-15.el7.x86_64.rpm
freeradius-perl-3.0.13-15.el7.x86_64.rpm
freeradius-postgresql-3.0.13-15.el7.x86_64.rpm
freeradius-python-3.0.13-15.el7.x86_64.rpm
freeradius-sqlite-3.0.13-15.el7.x86_64.rpm
freeradius-unixODBC-3.0.13-15.el7.x86_64.rpm
freeradius-utils-3.0.13-15.el7.x86_64.rpm
– Scientific Linux Development Team
