Security update for freeradius-server SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:2845-1 Final 1 1 2017-10-25T07:20:38Z current 2017-10-25T07:20:38Z 2017-10-25T07:20:38Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for freeradius-server This update for freeradius-server fixes the following issues: Fix a number of security issues found via fuzzing by Guido Vranken See http://freeradius.org/security/fuzzer-2017.html for details. (boo#1049086) - CVE-2017-10987 / FR-GV-304: DHCP - Buffer over-read in fr_dhcp_decode_suboptions() - CVE-2017-10986 / FR-GV-303: DHCP - Infinite read in dhcp_attr2vp() - FR-AD-001: Use strncmp() instead of memcmp() for string data - CVE-2017-10983 / FR-GV-206: DHCP - Read overflow when decoding option 63 - CVE-2017-10985 / FR-GV-302: Infinite loop and memory exhaustion with 'concat' attributes - CVE-2017-10984 / FR-GV-301: Write overflow in data2vp_wimax() - FR-AD-002: String lifetime issues in rlm_python - FR-GV-305: Decode 'signed' attributes correctly - CVE-2017-10978 / FR-GV-201: Read / write overflow in make_secret() The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html E-Mail link for openSUSE-SU-2017:2845-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.2 freeradius-server-3.0.12-2.9.1 freeradius-server-devel-3.0.12-2.9.1 freeradius-server-doc-3.0.12-2.9.1 freeradius-server-krb5-3.0.12-2.9.1 freeradius-server-ldap-3.0.12-2.9.1 freeradius-server-libs-3.0.12-2.9.1 freeradius-server-mysql-3.0.12-2.9.1 freeradius-server-perl-3.0.12-2.9.1 freeradius-server-postgresql-3.0.12-2.9.1 freeradius-server-python-3.0.12-2.9.1 freeradius-server-sqlite-3.0.12-2.9.1 freeradius-server-utils-3.0.12-2.9.1 freeradius-server-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-devel-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-doc-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-krb5-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-ldap-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-libs-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-mysql-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-perl-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-postgresql-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-python-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-sqlite-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 freeradius-server-utils-3.0.12-2.9.1 as a component of openSUSE Leap 42.2 An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service. CVE-2017-10978 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10978.html CVE-2017-10978 https://bugzilla.suse.com/1049086 SUSE Bug 1049086 An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service. CVE-2017-10983 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10983.html CVE-2017-10983 https://bugzilla.suse.com/1049086 SUSE Bug 1049086 An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows "Write overflow in data2vp_wimax()" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code. CVE-2017-10984 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10984.html CVE-2017-10984 https://bugzilla.suse.com/1049086 SUSE Bug 1049086 An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows "Infinite loop and memory exhaustion with 'concat' attributes" and a denial of service. CVE-2017-10985 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10985.html CVE-2017-10985 https://bugzilla.suse.com/1049086 SUSE Bug 1049086 An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcp_attr2vp()" and a denial of service. CVE-2017-10986 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10986.html CVE-2017-10986 https://bugzilla.suse.com/1049086 SUSE Bug 1049086 An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service. CVE-2017-10987 openSUSE Leap 42.2:freeradius-server-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-devel-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-doc-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-krb5-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-ldap-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-libs-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-mysql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-perl-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-postgresql-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-python-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-sqlite-3.0.12-2.9.1 openSUSE Leap 42.2:freeradius-server-utils-3.0.12-2.9.1 moderate 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-10/msg00087.html https://www.suse.com/security/cve/CVE-2017-10987.html CVE-2017-10987 https://bugzilla.suse.com/1049086 SUSE Bug 1049086