Linux repositories inspector

freeradius-server-python-debuginfo - Debug information for package freeradius-server-python

This package provides debug information for package freeradius-server-python. Debug information is useful when developing applications that use this package or when debugging this package.
3.0.16
OpenSUSE iconOpenSUSE Leap 15.0
OpenSUSE iconOpenSUSE Leap 15.1
OpenSUSE iconOpenSUSE Leap 15.2
3.0.15
OpenSUSE iconOpenSUSE Leap 42.3
3.0.14
OpenSUSE iconOpenSUSE Leap 42.3
DistributionVersionSincePackageInstalledPackager
OpenSUSE iconOpenSUSE Leap 15.0 debug/ossrpm3.0.16-lp150.1.52019-01-1788.1 kiB63 kiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.0 debug/update/ossrpm3.0.16-lp150.2.3.12019-06-1771.8 kiB62.9 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.1 debug/ossrpm3.0.16-lp151.2.42019-04-0370.8 kiB62.9 kiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 15.2 debug/ossrpm3.0.16-lp152.4.5Jan 0771.1 kiB62.8 kiBhttps://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 42.3 debug/ossrpm3.0.14-1.12019-01-1789.9 kiB97 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 42.3 debug/update/ossrpm3.0.15-9.12019-06-1792.3 kiB96.8 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 42.3 debug/update/ossrpm3.0.15-6.12019-01-1892.2 kiB96.9 kiBhttp://bugs.opensuse.org
OpenSUSE iconOpenSUSE Leap 42.3 debug/update/ossrpm3.0.15-3.12019-01-1891.7 kiB96.9 kiBhttp://bugs.opensuse.org

Latest updates

OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Version 3.0.19-5.1 removed

Mar 26
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.19-4.1 to 3.0.19-5.1

Mar 14
  • Enable memcached driver on SLE15
OpenSUSE icon

OpenSUSE Leap 15.2 debug/oss: Version 3.0.16-lp152.4.5 introduced

Jan 07
  • CVE-2019-11235.patch: fixes authentication bypass vulnerability in the EAP-PWD module via invalid curve attack or a reflection attack vector. (CVE-2019-11235, CVE-2019-11234, bsc#1132549, bsc#1132664)
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.19-3.5 to 3.0.19-4.1

Dec 27
  • Add missing BuildRequire on samba-core-devel required for windbind support in rlm_mschap.
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.19-3.4 to 3.0.19-3.5

Dec 04
  • update to 3.0.19 (jira#SLE-5890)
    Feature improvements
    • Update dictionary.cisco
    • Update sqlippool to allow for stored procedures with PostgreSQL. This increases performance substantially. Patch from Nathan Ward. Fixes #2540.
    • Re-added "show client config" command to radmin.
    • Cleaned up mods-available/sql example so that it is easier to understand.
    • Added pfSense dictionary. Closes #2581
    • Update dictionary.h3c Closes #2592
    • Update elasticsearch/logstash config for v6.7.0.
    • EAP-PWD security fixes from Mathy Vanhoef. See
      http://freeradius.org/security/
      (CVE-2019-11234, CVE-2019-11235, bsc#1132549, bsc#1132664)
    Bug fixes
    • Update dynamic_client module and server core so that
      the functionality works. This has been broken since
      at least v2.
    • Fix crash in sqlippool due to escaping changes.
      Patch from Nathan Ward. Fixes #2532, #2533.
    • Fix systemd notify, watchdog and unit files.
      Fixes #2541, #2499.
    • Fix erroneous length check in EAP-FAST.
    • Update documentation to remove old "ignore_null" configuration. Fixes #2578.
    • Fix default POD port. Should be 3799. Fixes #2591
    • Correctly encode vendor-specific "encrypted" attributes. Fixes #2600
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.19-3.3 to 3.0.19-3.4

Nov 18
  • update to 3.0.19 (jira#SLE-5890)
    Feature improvements
    • Update dictionary.cisco
    • Update sqlippool to allow for stored procedures with PostgreSQL. This increases performance substantially. Patch from Nathan Ward. Fixes #2540.
    • Re-added "show client config" command to radmin.
    • Cleaned up mods-available/sql example so that it is easier to understand.
    • Added pfSense dictionary. Closes #2581
    • Update dictionary.h3c Closes #2592
    • Update elasticsearch/logstash config for v6.7.0.
    • EAP-PWD security fixes from Mathy Vanhoef. See
      http://freeradius.org/security/
      (CVE-2019-11234, CVE-2019-11235, bsc#1132549, bsc#1132664)
    Bug fixes
    • Update dynamic_client module and server core so that
      the functionality works. This has been broken since
      at least v2.
    • Fix crash in sqlippool due to escaping changes.
      Patch from Nathan Ward. Fixes #2532, #2533.
    • Fix systemd notify, watchdog and unit files.
      Fixes #2541, #2499.
    • Fix erroneous length check in EAP-FAST.
    • Update documentation to remove old "ignore_null" configuration. Fixes #2578.
    • Fix default POD port. Should be 3799. Fixes #2591
    • Correctly encode vendor-specific "encrypted" attributes. Fixes #2600
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.19-3.2 to 3.0.19-3.3

2019-07-16
  • update to 3.0.19 (jira#SLE-5890)
    Feature improvements
    • Update dictionary.cisco
    • Update sqlippool to allow for stored procedures with PostgreSQL. This increases performance substantially. Patch from Nathan Ward. Fixes #2540.
    • Re-added "show client config" command to radmin.
    • Cleaned up mods-available/sql example so that it is easier to understand.
    • Added pfSense dictionary. Closes #2581
    • Update dictionary.h3c Closes #2592
    • Update elasticsearch/logstash config for v6.7.0.
    • EAP-PWD security fixes from Mathy Vanhoef. See
      http://freeradius.org/security/
      (CVE-2019-11234, CVE-2019-11235, bsc#1132549, bsc#1132664)
    Bug fixes
    • Update dynamic_client module and server core so that
      the functionality works. This has been broken since
      at least v2.
    • Fix crash in sqlippool due to escaping changes.
      Patch from Nathan Ward. Fixes #2532, #2533.
    • Fix systemd notify, watchdog and unit files.
      Fixes #2541, #2499.
    • Fix erroneous length check in EAP-FAST.
    • Update documentation to remove old "ignore_null" configuration. Fixes #2578.
    • Fix default POD port. Should be 3799. Fixes #2591
    • Correctly encode vendor-specific "encrypted" attributes. Fixes #2600
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.18-1.1 to 3.0.19-3.2

2019-06-19
  • update to 3.0.19 (jira#SLE-5890)
    Feature improvements
    • Update dictionary.cisco
    • Update sqlippool to allow for stored procedures with PostgreSQL. This increases performance substantially. Patch from Nathan Ward. Fixes #2540.
    • Re-added "show client config" command to radmin.
    • Cleaned up mods-available/sql example so that it is easier to understand.
    • Added pfSense dictionary. Closes #2581
    • Update dictionary.h3c Closes #2592
    • Update elasticsearch/logstash config for v6.7.0.
    • EAP-PWD security fixes from Mathy Vanhoef. See
      http://freeradius.org/security/
      (CVE-2019-11234, CVE-2019-11235, bsc#1132549, bsc#1132664)
    Bug fixes
    • Update dynamic_client module and server core so that
      the functionality works. This has been broken since
      at least v2.
    • Fix crash in sqlippool due to escaping changes.
      Patch from Nathan Ward. Fixes #2532, #2533.
    • Fix systemd notify, watchdog and unit files.
      Fixes #2541, #2499.
    • Fix erroneous length check in EAP-FAST.
    • Update documentation to remove old "ignore_null" configuration. Fixes #2578.
    • Fix default POD port. Should be 3799. Fixes #2591
    • Correctly encode vendor-specific "encrypted" attributes. Fixes #2600
OpenSUSE icon

OpenSUSE Leap 42.3 debug/update/oss: Updated from 3.0.15-6.1 to 3.0.15-9.1

2019-06-17
  • CVE-2019-11235.patch: fixes authentication bypass vulnerability in the EAP-PWD module via invalid curve attack or a reflection attack vector. (CVE-2019-11235, CVE-2019-11234, bsc#1132549, bsc#1132664)
OpenSUSE icon

OpenSUSE Leap 15.0 debug/update/oss: Version 3.0.16-lp150.2.3.1 introduced

2019-06-17
  • CVE-2019-11235.patch: fixes authentication bypass vulnerability in the EAP-PWD module via invalid curve attack or a reflection attack vector. (CVE-2019-11235, CVE-2019-11234, bsc#1132549, bsc#1132664)
OpenSUSE icon

OpenSUSE Leap 15.1 debug/oss: Updated from 3.0.16-lp151.2.3 to 3.0.16-lp151.2.4

2019-04-03
  • update to 3.0.16
    Feature improvements
    • rlm_python now supports multiple lists. From #2031.
    • Add trust router re-keying. From #2007.
    • Add support for Samba / AD LDAP schema.
    See doc/schemas/ldap/samba/README.txt and
    doc/schemas/ldap/samba/
    • Add "tls_min_version" and "tls_max_version" to EAP module
    for Debian OpenSSL issues.
    • Better documentation for client certificates in PEAP and TTLS:
    it usually doesn't work. Fixes #2068.
    • Distinguish login failure from AD unavailable. Fixes #2069.
    • Update RH spec files. Fixes #2070.
    • Run Post-Proxy-Type if all home servers are dead.
    Fixes #2072.
    • Print offending IP addresses when EAP sessions come from
    two upstream home servers, and rate-limit the messages.
    • Minor packaging updates.
    • Better documentation for rlm_rest.
    • EAP-FAST now has it's own "cipher_list", so that it is
    easier to configure.
    • EAP-FAST now forcibly disables TLS1.2, until such time
    as we implement the new keying mechanism from TLS1.2.
    • Add documentation for allow_expired_crl.
    • Update Debian logrotation. #2093 and #2101.
    • DHCP relay can now drop responses. #2095.
    • rlm_sqlippool can now assign Delegated-IPv6-Prefix.
    It also now can assign any IPv4 or IPv6 address.
    Based on patches from maximumG. #2094.
    See raddb/mods-available/sqlippool for changes.
    • radeapclient can now use EAP-SIM-Ki to dynamically
    create the necessary triplets.
    • Explain why many LDAP connections are closed.
    Fixes #1969.
    • Debian build / package issues fixed by Matthew Newton.
    • dictionary.patton updates from Brice Schaffner. Fixes #2137.
    • Added scripts to build "inner-server.pem", and updated
    mods-config/inner-eap and certs/README to match.
    • Added provisions for using an external CA. See raddb/certs/
    • Include dhcpclient binary in freeradius-dhcp debian packge.
    Bug fixes
    • Bind the lifetime of program name and python path to the module
    FR-AD-002 (redone)
    • Pass correct statement length into sqlite3_prepare[_v2]
    FR-AD-003 (redone)
    • Allow 100-Continue responses with additional headers in rlm_rest.
    • fix corner case where detail files were not being locked
    correctly.
    • Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group.
    Fixes #1947
    • Clean up exfile code. Which should help to avoid issues
    with reading / writing 100's of detail files.
    • Fix build for winbind. Patch from Alex Clouter.
    • Fix checkrad for Mikrotik. Patch from Muchael Ducharme.
    • Fix home server stats lookup. Patch from Phil Mayers.
    • Add libjson-c3 as an optional dependency.
    • Require LTB OpenLDAP on CentOS / Redhat, to avoid linking
    against NSS, which breaks the server. Fixes #2040.
    • rlm_python fixes. Fixes #2041
    • Typos in "man" pages. Fixes #2045
    • Expand "next" in %{%{...}:-%{...}}. Fixes #2048
    • Don't add TLS attributes twice. Fixes #2050.
    • Fix memory allocation in rlm_rest. Fixes #2051.
    • Update trustrouter for new API. Fixes #2059.
    • Fix SQLite issues on FreeBSD. Fixes #2060
    • Don't do debug logging of bad passwords. Fixes #2064.
    • More graceful handling of "die" in rlm_perl. Fixes #2073.
    • Fix occasional crash when using
    cisco_accounting_username_bug = yes
    • EAP-FAST fixes from Isaac Boukris.
    #2078, #2076, and #2082, #2126.
    • DHCP fixes, relay, #2092, add run-time check, #2028
    • Decode multiple RADIUS packets at a time in highly loaded
    RadSec connections. Patch from Jan Tomasek. #2106.
    • TunnelPassword is not "single value" in LDAP schema.
    Fixes #2061.
    • sql log now opens the expanded filename, not the input one.
    This was a regression introduced in 3.0.15.
    • Remove unnecessary UNIQUE constrain in Oracle schemas.
    • Fix SSL thread and locking issues when modules also use SSL.
    Fixes #2125 and #2129.
    • Re-add dhcpclient "raw packet" changes. Patches from
    Nicolas Chaigne and Matthew Newton. Fixes #2155.
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.17-2.4 to 3.0.18-1.1

2019-03-03
  • reformat changelog mostly by wrapping lines
  • add missing bug numbers for security fixes
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.17-2.3 to 3.0.17-2.4

2019-02-15
  • also fix ownership of /var/log/radius in systemd unit
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Updated from 3.0.17-2.2 to 3.0.17-2.3

2019-02-03
  • also fix ownership of /var/log/radius in systemd unit
OpenSUSE icon

OpenSUSE Leap 15.1 debug/oss: Version 3.0.16-lp151.2.3 introduced

2019-01-23
  • update to 3.0.16
    Feature improvements
    • rlm_python now supports multiple lists. From #2031.
    • Add trust router re-keying. From #2007.
    • Add support for Samba / AD LDAP schema.
    See doc/schemas/ldap/samba/README.txt and
    doc/schemas/ldap/samba/
    • Add "tls_min_version" and "tls_max_version" to EAP module
    for Debian OpenSSL issues.
    • Better documentation for client certificates in PEAP and TTLS:
    it usually doesn't work. Fixes #2068.
    • Distinguish login failure from AD unavailable. Fixes #2069.
    • Update RH spec files. Fixes #2070.
    • Run Post-Proxy-Type if all home servers are dead.
    Fixes #2072.
    • Print offending IP addresses when EAP sessions come from
    two upstream home servers, and rate-limit the messages.
    • Minor packaging updates.
    • Better documentation for rlm_rest.
    • EAP-FAST now has it's own "cipher_list", so that it is
    easier to configure.
    • EAP-FAST now forcibly disables TLS1.2, until such time
    as we implement the new keying mechanism from TLS1.2.
    • Add documentation for allow_expired_crl.
    • Update Debian logrotation. #2093 and #2101.
    • DHCP relay can now drop responses. #2095.
    • rlm_sqlippool can now assign Delegated-IPv6-Prefix.
    It also now can assign any IPv4 or IPv6 address.
    Based on patches from maximumG. #2094.
    See raddb/mods-available/sqlippool for changes.
    • radeapclient can now use EAP-SIM-Ki to dynamically
    create the necessary triplets.
    • Explain why many LDAP connections are closed.
    Fixes #1969.
    • Debian build / package issues fixed by Matthew Newton.
    • dictionary.patton updates from Brice Schaffner. Fixes #2137.
    • Added scripts to build "inner-server.pem", and updated
    mods-config/inner-eap and certs/README to match.
    • Added provisions for using an external CA. See raddb/certs/
    • Include dhcpclient binary in freeradius-dhcp debian packge.
    Bug fixes
    • Bind the lifetime of program name and python path to the module
    FR-AD-002 (redone)
    • Pass correct statement length into sqlite3_prepare[_v2]
    FR-AD-003 (redone)
    • Allow 100-Continue responses with additional headers in rlm_rest.
    • fix corner case where detail files were not being locked
    correctly.
    • Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group.
    Fixes #1947
    • Clean up exfile code. Which should help to avoid issues
    with reading / writing 100's of detail files.
    • Fix build for winbind. Patch from Alex Clouter.
    • Fix checkrad for Mikrotik. Patch from Muchael Ducharme.
    • Fix home server stats lookup. Patch from Phil Mayers.
    • Add libjson-c3 as an optional dependency.
    • Require LTB OpenLDAP on CentOS / Redhat, to avoid linking
    against NSS, which breaks the server. Fixes #2040.
    • rlm_python fixes. Fixes #2041
    • Typos in "man" pages. Fixes #2045
    • Expand "next" in %{%{...}:-%{...}}. Fixes #2048
    • Don't add TLS attributes twice. Fixes #2050.
    • Fix memory allocation in rlm_rest. Fixes #2051.
    • Update trustrouter for new API. Fixes #2059.
    • Fix SQLite issues on FreeBSD. Fixes #2060
    • Don't do debug logging of bad passwords. Fixes #2064.
    • More graceful handling of "die" in rlm_perl. Fixes #2073.
    • Fix occasional crash when using
    cisco_accounting_username_bug = yes
    • EAP-FAST fixes from Isaac Boukris.
    #2078, #2076, and #2082, #2126.
    • DHCP fixes, relay, #2092, add run-time check, #2028
    • Decode multiple RADIUS packets at a time in highly loaded
    RadSec connections. Patch from Jan Tomasek. #2106.
    • TunnelPassword is not "single value" in LDAP schema.
    Fixes #2061.
    • sql log now opens the expanded filename, not the input one.
    This was a regression introduced in 3.0.15.
    • Remove unnecessary UNIQUE constrain in Oracle schemas.
    • Fix SSL thread and locking issues when modules also use SSL.
    Fixes #2125 and #2129.
    • Re-add dhcpclient "raw packet" changes. Patches from
    Nicolas Chaigne and Matthew Newton. Fixes #2155.
OpenSUSE icon

OpenSUSE Leap 42.3 debug/update/oss: Updated from 3.0.15-3.1 to 3.0.15-6.1

2019-01-18
  • install license as %license instead of documentation
OpenSUSE icon

OpenSUSE Leap 42.3 debug/update/oss: Version 3.0.15-3.1 introduced

2019-01-18
  • update to 3.0.15 (bnc#1049086)
    Feature improvements
    • Update dictionary.starent, dictionary.ruckus
    Bug fixes
    • Bind the lifetime of program name and python path to the module
    • FR-GV-201: Check input / output length in make_secret().
      (CVE-2017-10978)
    • FR-GV-206: Fix read overflow when decoding DHCP option 63 (CVE-2017-10983)
    • FR-GV-301: Fix write overflow in data2vp_wimax()
      (CVE-2017-10984)
    • FR-GV-302: Fix infinite loop and memory exhaustion with
      'concat' attributes (CVE-2017-10985)
    • FR-GV-303: Fix infinite read in dhcp_attr2vp() (CVE-2017-10986)
    • FR-GV-304: Fix buffer over-read in fr_dhcp_decode_suboptions() (CVE-2017-10987)
    • FR-GV-305: Decode 'signed' attributes correctly.
      (CVE-2017-10988)
    • FR-AD-001: use strncmp() instead of memcmp() for bounded data
    • Print messages when we see deprecated configuration items
    • Show reasons why we couldn't parse a certificate expiry time
    • Be more accepting about truncated ASN1 times.
    • Fix OpenSSL API issue which could leak small amounts of memory.
    • For Access-Reject, call rad_authlog() after running the post-auth section, just like for Access-Accept.
    • Don't crash when reading corrupted data from session resumption cache.
    • Parse port in dhcpclient.
    • Don't leak memory for OpenSSL.
    • Portability fixes taken from OpenBSD port collection.
    • run rad_authlog after post-auth for Access-Reject.
    • Don't process VMPS packets twice.
    • Fix attribute truncation in rlm_perl
    • Fix bug when processing huntgroups.
  • a1eccee1.patch: FR-AD-002 - Bind the lifetime of program name and python path to the module
  • 62f7d288.patch: FR-AD-003 - Pass correct statement length into sqlite3_prepare[_v2]
OpenSUSE icon

OpenSUSE Leap 15.0 debug/oss: Version 3.0.16-lp150.1.5 introduced

2019-01-17
  • update to 3.0.16
    Feature improvements
    • rlm_python now supports multiple lists. From #2031.
    • Add trust router re-keying. From #2007.
    • Add support for Samba / AD LDAP schema.
    See doc/schemas/ldap/samba/README.txt and
    doc/schemas/ldap/samba/
    • Add "tls_min_version" and "tls_max_version" to EAP module
    for Debian OpenSSL issues.
    • Better documentation for client certificates in PEAP and TTLS:
    it usually doesn't work. Fixes #2068.
    • Distinguish login failure from AD unavailable. Fixes #2069.
    • Update RH spec files. Fixes #2070.
    • Run Post-Proxy-Type if all home servers are dead.
    Fixes #2072.
    • Print offending IP addresses when EAP sessions come from
    two upstream home servers, and rate-limit the messages.
    • Minor packaging updates.
    • Better documentation for rlm_rest.
    • EAP-FAST now has it's own "cipher_list", so that it is
    easier to configure.
    • EAP-FAST now forcibly disables TLS1.2, until such time
    as we implement the new keying mechanism from TLS1.2.
    • Add documentation for allow_expired_crl.
    • Update Debian logrotation. #2093 and #2101.
    • DHCP relay can now drop responses. #2095.
    • rlm_sqlippool can now assign Delegated-IPv6-Prefix.
    It also now can assign any IPv4 or IPv6 address.
    Based on patches from maximumG. #2094.
    See raddb/mods-available/sqlippool for changes.
    • radeapclient can now use EAP-SIM-Ki to dynamically
    create the necessary triplets.
    • Explain why many LDAP connections are closed.
    Fixes #1969.
    • Debian build / package issues fixed by Matthew Newton.
    • dictionary.patton updates from Brice Schaffner. Fixes #2137.
    • Added scripts to build "inner-server.pem", and updated
    mods-config/inner-eap and certs/README to match.
    • Added provisions for using an external CA. See raddb/certs/
    • Include dhcpclient binary in freeradius-dhcp debian packge.
    Bug fixes
    • Bind the lifetime of program name and python path to the module
    FR-AD-002 (redone)
    • Pass correct statement length into sqlite3_prepare[_v2]
    FR-AD-003 (redone)
    • Allow 100-Continue responses with additional headers in rlm_rest.
    • fix corner case where detail files were not being locked
    correctly.
    • Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group.
    Fixes #1947
    • Clean up exfile code. Which should help to avoid issues
    with reading / writing 100's of detail files.
    • Fix build for winbind. Patch from Alex Clouter.
    • Fix checkrad for Mikrotik. Patch from Muchael Ducharme.
    • Fix home server stats lookup. Patch from Phil Mayers.
    • Add libjson-c3 as an optional dependency.
    • Require LTB OpenLDAP on CentOS / Redhat, to avoid linking
    against NSS, which breaks the server. Fixes #2040.
    • rlm_python fixes. Fixes #2041
    • Typos in "man" pages. Fixes #2045
    • Expand "next" in %{%{...}:-%{...}}. Fixes #2048
    • Don't add TLS attributes twice. Fixes #2050.
    • Fix memory allocation in rlm_rest. Fixes #2051.
    • Update trustrouter for new API. Fixes #2059.
    • Fix SQLite issues on FreeBSD. Fixes #2060
    • Don't do debug logging of bad passwords. Fixes #2064.
    • More graceful handling of "die" in rlm_perl. Fixes #2073.
    • Fix occasional crash when using
    cisco_accounting_username_bug = yes
    • EAP-FAST fixes from Isaac Boukris.
    #2078, #2076, and #2082, #2126.
    • DHCP fixes, relay, #2092, add run-time check, #2028
    • Decode multiple RADIUS packets at a time in highly loaded
    RadSec connections. Patch from Jan Tomasek. #2106.
    • TunnelPassword is not "single value" in LDAP schema.
    Fixes #2061.
    • sql log now opens the expanded filename, not the input one.
    This was a regression introduced in 3.0.15.
    • Remove unnecessary UNIQUE constrain in Oracle schemas.
    • Fix SSL thread and locking issues when modules also use SSL.
    Fixes #2125 and #2129.
    • Re-add dhcpclient "raw packet" changes. Patches from
    Nicolas Chaigne and Matthew Newton. Fixes #2155.
OpenSUSE icon

OpenSUSE Leap 42.3 debug/oss: Version 3.0.14-1.1 introduced

2019-01-17
  • update to 3.0.14 (still FATE#322416)
    Feature improvements
    • Enforce TLS client certificate expiration on session resumption, and Session-Timeout. See CVE-2017-9148 (bnc#1041445)
    • Updated dictionary.cisco.vpn3000, dictionary.patton
    • Added dictionary.dellemc
    • Lowered the log output for failed PEAP sessions.
    • ALlow utc in rlm_date.
    • The internal OpenSSL session cache has been disabled. Please see mods-available/eap
    • Update detail reader documentation.
    • Make outgoing RadSec connections non-blocking.
    • Add SQL backing to Moonshot-*-TargetedId generation.
    Bug Fixes
    • radtest uses Cleartext-Password for EAP, not User-Password.
    • Update documentation for mods-enabled/ linking.
    • Enhanced checks for moonshot salt.
    • Allow session resumption for RadSec connections.
    • Update "huntgroups" file to note that port ranges are not supported
    • Fix OpenSSL permissions issues on default key files.
    • Certificates are not required when PSK is used.
    • Allow SubjectAltName as first extension in cert.
    • Fixed talloc issue with TLS session resumption.
    • "&Attr-26 := 0x01" now produces useful error messages.
    • Handle connection error in rlm_ldap_cacheable_groupobj.
    • Fix endian issues in DHCP.
    • Multiple minor fixes for Coverity complaints.
    • Handle unexpected regex.
    • Fix minor issues in dictionaries.
    • Fix typos and grammar. Patches from Alan Buxey.
    • Fix erroneous VP creation in rlm_preproces.
    • Fix MIB. Patch from Jeff Gehlbach.
    • Trust router updates from Alejandro Perez.
    • Allow build with LibreSSL.
    • Use correct packet for channel bindings.
    • Many fixes found by PVS-Studio. Thanks to PVS-Studio for giving us a test license. Please see the git commit history for more info.
    • Fix incorrect length check in EAP-PWD. This may be exploitable.
    • Stop rotating session database files (radutmp, radwtmp) since these are not logfiles.
  • freeradius-server-radiusd-logrotate.patch: updated
OpenSUSE icon

OpenSUSE Tumbleweed debug/oss: Version 3.0.17-2.2 introduced

2019-01-17
  • Merge changes from SLE to openSUSE (FATE#322416):
    • freeradius-server-radclient-init-error-buffer.patch - make sure we initialize error buffer. bsc#911886: radclient error free() invalid pointer
    • freeradius-server-opensslversion.patch: remove OpenSSL version check and assume we know what we are doing. (bnc#1013311)
    • merge .changes file, mostly.
  • do not attempt to detect "vulnerable" OpenSSL versions. SUSE security fixes do not necessarily bump version numbers as does upstream OpenSSL (bnc#1021375)
  • do not generate certificates in %post. End-user needs to do this manually.
  • keep FreeTDS disabled on SLE12 - we never shipped it enabled
  • require OpenSSL 1.0+
  • use pkgconfig(systemd) instead of plain systemd as BuildRequires
  • don't list manual pages as %doc

Related packages

freeradius - High-performance and highly configurable free RADIUS server
freeradius-server - RADIUS Server
freeradius-server-python - Python support for freeradius
⇧ Top