From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Low: freeradius2 on SL5.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Wednesday 16th January 2013 22:10:25 UTC (over 3 years ago)
Synopsis:          Low: freeradius2 security and bug fix update
Issue Date:        2013-01-08
CVE Numbers:       CVE-2011-4966
--

It was found that the "unix" module ignored the password expiration setting
in "/etc/shadow". If FreeRADIUS was configured to use this module for user
authentication, this flaw could allow users with an expired password to
successfully authenticate, even though their access should have been denied.
(CVE-2011-4966)
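As an added illustration of the check the "unix" module was missing (this is example code written for this page, not FreeRADIUS code and not the patch in this update), the function below applies the shadow(5) ageing fields to one entry: field 8 is the account expiry day, and fields 3 and 5 give the day of the last password change and the maximum password age. The sample entries and the fixed "today" value are constructed; the exact condition used inside the patched module is not shown on this page, so treat the comparison here as the shadow(5) semantics rather than the module's literal code.

```shell
#!/bin/sh
# Added example, not part of the advisory: decide whether a shadow(5)
# entry is expired, i.e. whether an authenticator that honours /etc/shadow
# must reject the user even if the password hash matches.
#   $1 = one line in /etc/shadow format
#   $2 = "today" as days since 1970-01-01 (what `date +%s` / 86400 gives)
# Returns 0 when the entry is expired, 1 when it is still valid.
shadow_expired() {
    line=$1
    today=$2
    # Fields: name:hash:lastchg:min:max:warn:inact:expire:reserved
    lastchg=$(printf '%s\n' "$line" | cut -d: -f3)
    max=$(printf '%s\n' "$line" | cut -d: -f5)
    expire=$(printf '%s\n' "$line" | cut -d: -f8)

    # Account expiry (field 8): empty or non-positive means "never".
    if [ -n "$expire" ] && [ "$expire" -gt 0 ] && [ "$today" -ge "$expire" ]; then
        return 0
    fi
    # Password ageing: the password is expired once more than "max" days
    # have passed since the last change. lastchg 0 or empty and a
    # negative max carry no ageing information, so they are skipped here.
    if [ -n "$lastchg" ] && [ "$lastchg" -gt 0 ] && \
       [ -n "$max" ] && [ "$max" -ge 0 ] && \
       [ "$today" -gt $((lastchg + max)) ]; then
        return 0
    fi
    return 1
}

# Print the user names of all expired entries in a shadow-format file.
expired_users() {
    file=$1
    today=$2
    while IFS= read -r entry; do
        if shadow_expired "$entry" "$today"; then
            printf '%s\n' "${entry%%:*}"
        fi
    done < "$file"
}

# Constructed sample entries (not real accounts). "Today" is fixed at
# 15721 days, i.e. 2013-01-16, the date of this notice, so the result is
# reproducible: bob's password aged out (15000 + 90 < 15721) and carol's
# account expiry day (15700) has passed; alice is still valid.
sample=$(mktemp)
cat > "$sample" <<'EOF'
alice:$6$x$y:15000:0:99999:7:::
bob:$6$x$y:15000:0:90:7:::
carol:$6$x$y:15600:0:99999:7::15700:
EOF
echo "expired: $(expired_users "$sample" 15721 | tr '\n' ' ')"
rm -f "$sample"
```

The same two comparisons are what a reviewer would look for in any PAM-bypassing authenticator that reads /etc/shadow directly: a correct hash comparison alone, as the unpatched module performed, says nothing about whether the credential is still allowed to be used.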

This update also fixes the following bugs:

* After log rotation, the freeradius logrotate script failed to reload the
radiusd daemon and log messages were lost. This update has added a command
to the freeradius logrotate script to reload the radiusd daemon, and the
radiusd daemon re-initializes and reopens its log files after log rotation
as expected.

* The radtest script with the "eap-md5" option failed because it passed the
IP family argument when invoking the radeapclient utility and the
radeapclient utility did not recognize the IP family. The radeapclient
utility now recognizes the IP family argument and radtest now works with
eap-md5 as expected.

* Previously, freeradius was compiled without the "--with-udpfromto" option.
Consequently, with a multihomed server and explicitly specifying the IP
address, freeradius sent the reply with the wrong IP source address. With
this update, freeradius has been built with the "--with-udpfromto"
configuration option and the RADIUS reply is always sourced from the IP
address the request was sent to.

* Due to invalid syntax in the PostgreSQL admin schema file, the FreeRADIUS
PostgreSQL tables failed to be created. With this update, the syntax has
been adjusted and the tables are created as expected.

* FreeRADIUS has a thread pool that dynamically grows based on load. If
multiple threads using the "rlm_perl()" function are spawned in quick
succession, the FreeRADIUS server sometimes terminated unexpectedly with a
segmentation fault due to parallel calls to the "rlm_perl_clone()" function.
With this update, a mutex for the threads has been added and the problem no
longer occurs.

* The man page for "rlm_dbm_parser" was incorrectly installed as
"rlm_dbm_parse", omitting the trailing "r". The man page now correctly
appears as rlm_dbm_parser.

They are also advised to check for RPM backup files ending in ".rpmnew" or
".rpmsave" under the /etc/raddb/ directory after the update because the
FreeRADIUS server will attempt to load every file it finds in its
configuration directory. The extra files will often cause the wrong
configuration values to be applied, resulting in either unpredictable
behavior or the failure of the server to initialize and run.
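The post-update check described above, as an added example that is not part of the advisory or of the freeradius2 packages: the first function lists ".rpmnew" and ".rpmsave" leftovers under a configuration directory (defaulting to /etc/raddb), and the second turns that into an exit status so a maintenance script can refuse to restart radiusd until the leftovers have been merged or removed. The demo at the end runs against a constructed temporary directory rather than a live /etc/raddb.

```shell
#!/bin/sh
# Added example, not from the advisory: find package-manager backup files
# that radiusd would otherwise load as if they were real configuration.
# Usage: stale_config_files [dir]   (dir defaults to /etc/raddb)
stale_config_files() {
    dir=${1:-/etc/raddb}
    if [ ! -d "$dir" ]; then
        echo "stale_config_files: no such directory: $dir" >&2
        return 2
    fi
    # Only the two suffixes the advisory names; sorted so output is stable.
    find "$dir" -type f \( -name '*.rpmnew' -o -name '*.rpmsave' \) | sort
}

# Exit 0 when the directory has no leftovers, 1 when it does, so the
# result can gate a service restart: raddb_is_clean && service radiusd restart
raddb_is_clean() {
    [ -z "$(stale_config_files "${1:-/etc/raddb}")" ]
}

# Demo on a constructed directory layout (not a real /etc/raddb).
demo=$(mktemp -d)
mkdir -p "$demo/modules"
: > "$demo/radiusd.conf"
: > "$demo/radiusd.conf.rpmnew"      # new default config left beside yours
: > "$demo/modules/ldap.rpmsave"     # your old copy of a replaced file
echo "leftovers under $demo:"
stale_config_files "$demo"
if raddb_is_clean "$demo"; then
    echo "clean: safe to restart radiusd"
else
    echo "not clean: merge or remove the files above before restarting"
fi
rm -rf "$demo"
```

Once the directory is clean, run the server's configuration check (radiusd -C in the 2.x series) before the restart, so that a merge mistake fails in the check rather than at service start.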
--

SL5
   x86_64
     freeradius2-2.1.12-5.el5.x86_64.rpm
     freeradius2-debuginfo-2.1.12-5.el5.x86_64.rpm
     freeradius2-krb5-2.1.12-5.el5.x86_64.rpm
     freeradius2-ldap-2.1.12-5.el5.x86_64.rpm
     freeradius2-mysql-2.1.12-5.el5.x86_64.rpm
     freeradius2-perl-2.1.12-5.el5.x86_64.rpm
     freeradius2-postgresql-2.1.12-5.el5.x86_64.rpm
     freeradius2-python-2.1.12-5.el5.x86_64.rpm
     freeradius2-unixODBC-2.1.12-5.el5.x86_64.rpm
     freeradius2-utils-2.1.12-5.el5.x86_64.rpm
   i386
     freeradius2-2.1.12-5.el5.i386.rpm
     freeradius2-debuginfo-2.1.12-5.el5.i386.rpm
     freeradius2-krb5-2.1.12-5.el5.i386.rpm
     freeradius2-ldap-2.1.12-5.el5.i386.rpm
     freeradius2-mysql-2.1.12-5.el5.i386.rpm
     freeradius2-perl-2.1.12-5.el5.i386.rpm
     freeradius2-postgresql-2.1.12-5.el5.i386.rpm
     freeradius2-python-2.1.12-5.el5.i386.rpm
     freeradius2-unixODBC-2.1.12-5.el5.i386.rpm
     freeradius2-utils-2.1.12-5.el5.i386.rpm

- Scientific Linux Development Team