-
Mon Sep 23 2024 Sourav Sharma <sourav.ss.sharma@oracle.com> - 3.0.13-15.0.1
- Fixes CVE-2024-3596 security issue [Orabug: 36904288]
-
Thu Apr 16 2020 Alexander Scheel <ascheel@redhat.com> - 3.0.13-15
- Fixes EAP-PWD: DoS issues due to multithreaded BN_CTX access
Resolves: bz#1818808
-
Fri Feb 7 2020 Alexander Scheel <ascheel@redhat.com> - 3.0.13-14
- Fixes receiving of multiple RADIUS packets under load
Resolves: bz#1630684
-
Fri Feb 07 2020 Alexander Scheel <ascheel@redhat.com> - 3.0.13-13
- Fixes logging of cleartext pap password
Resolves: bz#1677435
-
Fri Feb 07 2020 Alexander Scheel <ascheel@redhat.com> - 3.0.13-12
- Fixes paircompare with attribute references and expansions
Resolves: bz#1592741
-
Tue Feb 04 2020 Alexander Scheel <ascheel@redhat.com> - 3.0.13-11
- Fixes logrotate, EAP-PWD vulnerability
Resolves: bz#1719368 privilege escalation due to insecure logrotate configuration
Resolves: bz#1751796 eap-pwd: Information leak due to aborting when needing more than 10 iterations
-
Thu Apr 25 2019 Alexander Scheel <ascheel@redhat.com> - 3.0.13-10
- Fixes two EAP-PWD security issues
Resolves: bz#1699414 authentication bypass with an invalid curve attack
Resolves: bz#1699419 fake authentication using reflection
-
Thu Feb 22 2018 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.13-9
- Fix double free in rlm_sql acct_redundant
Resolves: Bug#1551069 Radius service crashes with "Bad talloc magic value - unknown value" when using module sql rlm_sql
-
Mon Jul 17 2017 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.13-8
- Avoid misinterpreting zero-size malloc in data2vp_extended() fix.
- Related: Bug#1469415 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()
-
Tue Jul 11 2017 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.13-7
- Resolves: Bug#1469408 CVE-2017-10978 freeradius: Out-of-bounds read/write due
to improper output buffer size check in make_secret()
- Resolves: Bug#1469412 CVE-2017-10983 freeradius: Out-of-bounds read in
fr_dhcp_decode() when decoding option 63
- Resolves: Bug#1469415 CVE-2017-10984 freeradius: Out-of-bounds write in
data2vp_wimax()
- Resolves: Bug#1469416 CVE-2017-10985 freeradius: Infinite loop and memory
exhaustion with 'concat' attributes
- Resolves: Bug#1469419 CVE-2017-10986 freeradius: Infinite read in
dhcp_attr2vp()
- Resolves: Bug#1469422 CVE-2017-10987 freeradius: Buffer over-read in
fr_dhcp_decode_suboptions()
-
Thu Jun 15 2017 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.13-6
- Avoid race condition when creating session cache file
Resolves: Bug#1458746 CVE-2017-9148 freeradius: TLS resumption
authentication bypass