Updated freeradius package fixes security vulnerability
Publication date: 21 Feb 2014Modification date: 21 Feb 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-2015
Description
SSHA processing in freeradius before 2.2.3 runs into a stack-based buffer
overflow in the freeradius rlm_pap module if the password source uses an
unusually long hashed password (CVE-2014-2015).
References
SRPMS
3/core
- freeradius-2.2.0-4.1.mga3
4/core
- freeradius-2.2.0-5.1.mga4