[Bug 219662] net/freeradius{2,3}: Update to 3.0.14 (CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed May 31 06:00:51 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219662
Kubilay Kocak <koobs at FreeBSD.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ports-secteam at FreeBSD.org,
| |zi at FreeBSD.org
Assignee|freebsd-ports-bugs at FreeBSD. |zi at FreeBSD.org
|org |
Status|New |Open
Keywords| |needs-patch, needs-qa,
| |security
Priority|--- |Normal
Summary|net/freeradius: |net/freeradius{2,3}: Update
|CVE-2017-9148 FreeRADIUS |to 3.0.14 (CVE-2017-9148
|TLS resumption |FreeRADIUS TLS resumption
|authentication bypass |authentication bypass)
Flags| |maintainer-feedback?(zi at Fre
| |eBSD.org), merge-quarterly?
URL| |http://seclists.org/oss-sec
| |/2017/q2/342
--- Comment #1 from Kubilay Kocak <koobs at FreeBSD.org> ---
net/freeradius has been deleted, assuming this is for net/freeradius3. Assign
to maintainer accordingly.
It appears net/freeradius2 (EoL) is also affected, the port for which has not
been deprecated/deleted. It does not appear a patch for 2.2.9 has been created
(I could not identify one on initial view).
Both ports have the same maintainer.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list