[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Vulnerability in FreeRADIUS
From:       Alex Scheel <ascheel () redhat ! com>
Date:       2020-03-16 13:40:36
Message-ID: 660268082.9262246.1584366036776.JavaMail.zimbra () redhat ! com
[Download RAW message or body]

Fedora's FreeRADIUS maintainer here.

----- Original Message -----
> From: "HANCHATE Ravikiran (u5574292)" <u5574292@orange.be>
> To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org>
> Sent: Monday, March 16, 2020 8:22:44 AM
> Subject: RE: Vulnerability in FreeRADIUS
> 
> Thank you Alan for your descriptive reply .
> 
> Cheers !!!
> 

~snip~

> > 2/ what steps need to be taken to Apply the Linux Fedora patches regarding
> > the FreeRADIUS vulnerability
> 
>   Ask Fedora how their system works.

Run:

sudo dnf update --refresh

It should get you the latest packages. Fedora 30 and Fedora 31 both have
3.0.20, which is still the latest upstream release. My understanding is
that that release fixes the CVE in question (CVE-2019-13456).


- Alex

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]