- Issued:
- 2009-01-20
- Updated:
- 2009-01-20
RHBA-2008:0845 - Bug Fix Advisory
Synopsis
freeradius bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated freeradius packages that fix various bugs are now available.
Description
FreeRADIUS is a high-performance and highly-configurable free Remote
Authentication Dial In User Service (RADIUS) server, designed to allow
centralized authentication and authorization for a network.
These updated packages fix the following bugs:
- previously, FreeRADIUS sent empty fragments in EAP-TLS transactions.
Although most clients accepted the empty fragments, in certain situations,
Windows Vista(r) clients did not. This may have caused authentication to
fail. The SSL configuration parameters that FreeRADIUS uses have been
updated to no longer send empty fragments, allowing EAP-TLS with Windows
Vista clients.
- setting the "tls_require_cert" parameter in the radius.conf configuration
file to any valid value resulted in the following error message in the
/var/log/radius/radius.log file: "Error: rlm_ldap: could not set
LDAP_OPT_X_TLS_REQUIRE_CERT option to allow". In these updated packages,
setting the "tls_require_cert" parameter in radius.conf works as expected,
and does not provoke an error, thus resolving this issue.
- the freeradius RPM spec files had "%{dist}" on the "Release" line,
instead of "%{?dist}".
- FreeRADIUS has SNMP functionality that permits RADIUS authentication and
authorization statistics to be queried and set via SNMP; however, on 64-bit
systems, a persistent connection between FreeRADIUS and the SNMP daemon
(snmpd) could not be established, nor could the SNMP variables in the SNMP
MIB be accessed due to coding errors in the FreeRADIUS SNMP support.
Commands such as "snmpwalk" may have caused snmpd to hang. These updated
packages correct these errors, and permit the FreeRADIUS daemon (radiusd)
to establish a connection -- using the SMUX protocol -- with snmpd, and
permits access to the FreeRADIUS MIB variables via tools such as "snmpwalk"
and "snmpget".
Users of freeradius are advised to upgrade to these updated packages, which
resolve these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 249308 - freeradius (prior to 1.1.4) won't work with vista clients
- BZ - 287381 - rlm_ldap: could not set LDAP_OPT_X_TLS_REQUIRE_CERT option to allow
- BZ - 440626 - there should be %{?dist} instead of %{dist} in the *.spec on the Release: line
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
freeradius-1.1.3-1.4.el5.src.rpm | SHA-256: 56f6d3aa29066b7e660942e3a3415f57d23be3534124455460bfd2b9e9f06523 |
x86_64 | |
freeradius-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 855ceb4770d684eeb0fbd95838e5f6a55234d01844ba9b0dccfad69a075e40bd |
freeradius-mysql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 031b821e54ca65c7bcf74c71b4d9d3a559dd8e5cb8d3131c480926493f2e6822 |
freeradius-postgresql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 4784c0d5b1b8815b6ebdc088c0d36ca259cc224209b642f89b3ecb6794604f89 |
freeradius-unixODBC-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 42118237c8336c82ea2f9f3ec590268a19a2532e3ea400355e58610d391fea38 |
ia64 | |
freeradius-1.1.3-1.4.el5.ia64.rpm | SHA-256: 39d71d04820a8ffe9b34696662f9d9334c00afc4c76efe8898eed081668930ac |
freeradius-mysql-1.1.3-1.4.el5.ia64.rpm | SHA-256: 398ad9138b2d443aab7c136c6d21da37c0bd9ad48b4442e6b24e4f9fb0a71065 |
freeradius-postgresql-1.1.3-1.4.el5.ia64.rpm | SHA-256: 43cedbccf0e0d8d705c329fb5644825074485a812a0b234d08c8415f2a625222 |
freeradius-unixODBC-1.1.3-1.4.el5.ia64.rpm | SHA-256: 866f3e1e2543f26968b88774d6e086227548120d7fd549878895a3c88b58fe06 |
i386 | |
freeradius-1.1.3-1.4.el5.i386.rpm | SHA-256: 38a1b00f02c0eb076c480f098b475e2b1b64f1c7014b6947f8f27f976e238107 |
freeradius-mysql-1.1.3-1.4.el5.i386.rpm | SHA-256: ce2724a940aab0b2f49e6578a4c80b34ee31e14273d98d189f8fdf8394030548 |
freeradius-postgresql-1.1.3-1.4.el5.i386.rpm | SHA-256: 30763bd55a885960bf5aa8a063a42f9719599e4f595d5d7a0311c1400f754619 |
freeradius-unixODBC-1.1.3-1.4.el5.i386.rpm | SHA-256: 67689389129ff47885c77130d6737897f03427dec3eac2413c2d8b420d1c9e87 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
freeradius-1.1.3-1.4.el5.src.rpm | SHA-256: 56f6d3aa29066b7e660942e3a3415f57d23be3534124455460bfd2b9e9f06523 |
x86_64 | |
freeradius-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 855ceb4770d684eeb0fbd95838e5f6a55234d01844ba9b0dccfad69a075e40bd |
freeradius-mysql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 031b821e54ca65c7bcf74c71b4d9d3a559dd8e5cb8d3131c480926493f2e6822 |
freeradius-postgresql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 4784c0d5b1b8815b6ebdc088c0d36ca259cc224209b642f89b3ecb6794604f89 |
freeradius-unixODBC-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 42118237c8336c82ea2f9f3ec590268a19a2532e3ea400355e58610d391fea38 |
i386 | |
freeradius-1.1.3-1.4.el5.i386.rpm | SHA-256: 38a1b00f02c0eb076c480f098b475e2b1b64f1c7014b6947f8f27f976e238107 |
freeradius-mysql-1.1.3-1.4.el5.i386.rpm | SHA-256: ce2724a940aab0b2f49e6578a4c80b34ee31e14273d98d189f8fdf8394030548 |
freeradius-postgresql-1.1.3-1.4.el5.i386.rpm | SHA-256: 30763bd55a885960bf5aa8a063a42f9719599e4f595d5d7a0311c1400f754619 |
freeradius-unixODBC-1.1.3-1.4.el5.i386.rpm | SHA-256: 67689389129ff47885c77130d6737897f03427dec3eac2413c2d8b420d1c9e87 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
freeradius-1.1.3-1.4.el5.src.rpm | SHA-256: 56f6d3aa29066b7e660942e3a3415f57d23be3534124455460bfd2b9e9f06523 |
s390x | |
freeradius-1.1.3-1.4.el5.s390x.rpm | SHA-256: af4c096636192d4d9ae79c371bb9eac6cb459d5e5e15afd415bd5737b0e9cd44 |
freeradius-mysql-1.1.3-1.4.el5.s390x.rpm | SHA-256: 21b06df66d4b24f2cbfb95c8a3a2ac31dabe7c61cc083228293b9ba1045cff26 |
freeradius-postgresql-1.1.3-1.4.el5.s390x.rpm | SHA-256: f30e8116d3f20124639808507f50cbf8b0b709b12006c72bea73e178c1bf59f8 |
freeradius-unixODBC-1.1.3-1.4.el5.s390x.rpm | SHA-256: b1d73f3a346ea24bdcedd11a1b9182d7f5ade554aba104996f65078bfeff146f |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
freeradius-1.1.3-1.4.el5.src.rpm | SHA-256: 56f6d3aa29066b7e660942e3a3415f57d23be3534124455460bfd2b9e9f06523 |
ppc | |
freeradius-1.1.3-1.4.el5.ppc.rpm | SHA-256: 07dc49be4f211748a226ae2c661cd851f175dc8296146bbe705492c63a145dea |
freeradius-mysql-1.1.3-1.4.el5.ppc.rpm | SHA-256: 251208ee2e37f9ef8f75d7973c8f7c6e7dc0412a82e8effb2dcbf392331ab492 |
freeradius-postgresql-1.1.3-1.4.el5.ppc.rpm | SHA-256: 91044f35857befb4719bc52794f26f63f7c968fa2781ffffcc111b8f99946595 |
freeradius-unixODBC-1.1.3-1.4.el5.ppc.rpm | SHA-256: 54edfd091a4b3b289f92cfed64541612b2f32b21495254f735d9ae39b9f85fe5 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
freeradius-1.1.3-1.4.el5.src.rpm | SHA-256: 56f6d3aa29066b7e660942e3a3415f57d23be3534124455460bfd2b9e9f06523 |
x86_64 | |
freeradius-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 855ceb4770d684eeb0fbd95838e5f6a55234d01844ba9b0dccfad69a075e40bd |
freeradius-mysql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 031b821e54ca65c7bcf74c71b4d9d3a559dd8e5cb8d3131c480926493f2e6822 |
freeradius-postgresql-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 4784c0d5b1b8815b6ebdc088c0d36ca259cc224209b642f89b3ecb6794604f89 |
freeradius-unixODBC-1.1.3-1.4.el5.x86_64.rpm | SHA-256: 42118237c8336c82ea2f9f3ec590268a19a2532e3ea400355e58610d391fea38 |
i386 | |
freeradius-1.1.3-1.4.el5.i386.rpm | SHA-256: 38a1b00f02c0eb076c480f098b475e2b1b64f1c7014b6947f8f27f976e238107 |
freeradius-mysql-1.1.3-1.4.el5.i386.rpm | SHA-256: ce2724a940aab0b2f49e6578a4c80b34ee31e14273d98d189f8fdf8394030548 |
freeradius-postgresql-1.1.3-1.4.el5.i386.rpm | SHA-256: 30763bd55a885960bf5aa8a063a42f9719599e4f595d5d7a0311c1400f754619 |
freeradius-unixODBC-1.1.3-1.4.el5.i386.rpm | SHA-256: 67689389129ff47885c77130d6737897f03427dec3eac2413c2d8b420d1c9e87 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.