2016-01-05
ALT-BU-2016-2520-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2015-01-21
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2015-1038
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Severity: MEDIUM (5.8)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
References:
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173245.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174245.html
- http://lists.opensuse.org/opensuse-updates/2015-07/msg00000.html
- http://www.debian.org/security/2015/dsa-3289
- http://www.openwall.com/lists/oss-security/2015/01/11/2
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.securityfocus.com/bid/71890
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774660
- https://bugzilla.redhat.com/show_bug.cgi?id=1179505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99970
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173245.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174245.html
- http://lists.opensuse.org/opensuse-updates/2015-07/msg00000.html
- http://www.debian.org/security/2015/dsa-3289
- http://www.openwall.com/lists/oss-security/2015/01/11/2
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.securityfocus.com/bid/71890
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774660
- https://bugzilla.redhat.com/show_bug.cgi?id=1179505
- https://exchange.xforce.ibmcloud.com/vulnerabilities/99970
Closed bugs
Нерабочее и ненужное правило udev
Package freeradius updated to version 2.2.9-alt1 for branch sisyphus in task 155642.
Closed vulnerabilities
Published: 2013-03-12
Modified: 2025-04-11
Modified: 2025-04-11
CVE-2011-4966
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
Severity: MEDIUM (6.0)
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
References:
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html
- http://rhn.redhat.com/errata/RHBA-2012-0881.html
- http://rhn.redhat.com/errata/RHSA-2013-0134.html
- https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00029.html
- http://lists.opensuse.org/opensuse-updates/2013-01/msg00079.html
- http://rhn.redhat.com/errata/RHBA-2012-0881.html
- http://rhn.redhat.com/errata/RHSA-2013-0134.html
- https://github.com/alandekok/freeradius-server/commit/1b1ec5ce75e224bd1755650c18ccdaa6dc53e605
Published: 2014-11-02
Modified: 2025-04-12
Modified: 2025-04-12
CVE-2014-2015
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password hash, as demonstrated by an SSHA hash.
Severity: HIGH (7.5)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
References:
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html
- http://rhn.redhat.com/errata/RHSA-2015-1287.html
- http://ubuntu.com/usn/usn-2122-1
- http://www.openwall.com/lists/oss-security/2014/02/18/3
- http://www.securityfocus.com/bid/65581
- https://bugzilla.redhat.com/show_bug.cgi?id=1066761
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000612.html
- http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000616.html
- http://rhn.redhat.com/errata/RHSA-2015-1287.html
- http://ubuntu.com/usn/usn-2122-1
- http://www.openwall.com/lists/oss-security/2014/02/18/3
- http://www.securityfocus.com/bid/65581
- https://bugzilla.redhat.com/show_bug.cgi?id=1066761
Published: 2017-04-05
Modified: 2025-04-20
Modified: 2025-04-20
CVE-2015-4680
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
Severity: MEDIUM (5.0)
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Severity: HIGH (7.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
References:
- http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html
- http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html
- http://www.ocert.org/advisories/ocert-2015-008.html
- http://www.securityfocus.com/archive/1/535810/100/0/threaded
- http://www.securityfocus.com/bid/75327
- http://www.securitytracker.com/id/1032690
- https://bugzilla.redhat.com/show_bug.cgi?id=1234975
- http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.html
- http://packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.html
- http://www.ocert.org/advisories/ocert-2015-008.html
- http://www.securityfocus.com/archive/1/535810/100/0/threaded
- http://www.securityfocus.com/bid/75327
- http://www.securitytracker.com/id/1032690
- https://bugzilla.redhat.com/show_bug.cgi?id=1234975
Closed bugs
radclient неработоспособен без словаря
Некорректно ротируется лог