Freeradius - Red Hat ENTERPRISE LINUX 5.5 - TECHNICAL NOTES Manual

1.56. freeradius

1.56.1. RHSA-2009:1451: Moderate security update
Important
This update has already been released (prior to the GA of this release) as the security
RHSA-2009:1451
errata
Updated freeradius packages that fix a security issue are now available for Red Hat Enterprise Linux
5.
This update has been rated as having moderate security impact by the Red Hat Security Response
Team.
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User
Service (RADIUS) server, designed to allow centralized authentication and authorization for a network.
An input validation flaw was discovered in the way FreeRADIUS decoded specific RADIUS attributes
from RADIUS packets. A remote attacker could use this flaw to crash the RADIUS daemon (radiusd)
via a specially-crafted RADIUS packet.
Users of FreeRADIUS are advised to upgrade to these updated packages, which contain a backported
patch to correct this issue. After installing the update, radiusd will be restarted automatically.
1.56.2. RHBA-2009:1678: bug fix update
Note
This update has already been released (prior to the GA of this release) as FASTRACK
RHBA-2009:1678
errata
Updated freeradius packages that fix a bug are now available.
FreeRADIUS is an Internet authentication daemon, which implements the RADIUS protocol, as
defined in RFC 2865 (and others). It allows Network Access Servers (NAS boxes) to perform
authentication for dial-up users. There are also RADIUS clients available for Web servers, firewalls,
Unix logins, and more. Using RADIUS allows authentication and authorization for a network to be
centralized, and minimizes the amount of re-configuration which has to be done when adding or
deleting new users.
This update addresses the following bug:
* an error in the EAP authentication module could cause memory corruption. Running the radeapclient
utility would typically expose the problem. An error message including text such as this
*** glibc detected *** radeapclient: free(): invalid pointer:
391
https://www.redhat.com/security/data/cve/CVE-2009-3111.html
390
391
(CVE-2009-3111 )
392
freeradius
61