Summary: | <net-dialup/freeradius-2.2.0: buffer overflow vulnerability (CVE-2012-3547) | |
---|---|---|---
Product: | Gentoo Security | Reporter: | Stefan Sakalik <rabbit6440>
Component: | Vulnerabilities | Assignee: | Gentoo Security <security>
Status: | RESOLVED FIXED | |
Severity: | normal | CC: | flameeyes, net-dialup, polynomial-c
Priority: | Normal | |
Version: | unspecified | |
Hardware: | All | |
OS: | Linux | |
URL: | http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt. | |
Whiteboard: | B2 [glsa] | |
Package list: | | Runtime testing required: | ---
Bug Depends on: | | |
Bug Blocks: | 386183 | |
Attachments: | | |

Description
Stefan Sakalik
2012-09-12 07:41:44 UTC
Created attachment 323580
Patch to CVE-2012-3547
This patch is inspired by the git fix in git://git.freeradius.org/freeradius-server.git, commit 684dce7da5fd078. Works with freeradius-2.1.11-r1.

CVE-2012-3547 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3547): Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not after" timestamp in a client certificate.

Just in case you want to bump freeradius-2.2.0 at the same time, you need to add the following:
< econf --disable-static --disable-ltdl-install --with-system-libtool \
---
> econf --disable-static --disable-ltdl-install --with-system-libtool --with-system-libltdl \
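Review bot: The changed econf line is shown without a file name or a line-range header, and it ends in a continuation backslash, so it is not clear which ebuild revision this applies to or what follows on the next line; please post it as a unified diff against the ebuild. Since the only change is the added --with-system-libltdl, a one-line comment in the ebuild saying the build fails without it would keep the flag from being dropped in a later bump.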
It won't compile without the "--with-system-libltdl" option.

Okay I'm going to look into these and most likely fix them with 2.2.0.

2.2.0 is in. You can probably proceed from here, can't be worse than the current stable...

(In reply to comment #5)
> 2.2.0 is in. You can probably proceed from here, can't be worse than the
> current stable...

Thanks, Diego. Arches, please test and mark stable: =net-dialup/freeradius-2.2.0

x86 done.

amd64 stable

Thanks, everyone. GLSA draft is ready for review.

This issue was resolved and addressed in GLSA 201311-09 at http://security.gentoo.org/glsa/glsa-201311-09.xml by GLSA coordinator Sergey Popov (pinkbyte).
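
The bug class named in the CVE description above, a peer-supplied certificate time field copied into a fixed-size stack buffer, shown as an added C example with the unchecked copy beside a length-checked one. This is not FreeRADIUS code or the attached patch; `struct cert_time`, `EXPIRY_BUF_LEN` and the function names are hypothetical, and the input is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define EXPIRY_BUF_LEN 64   /* hypothetical size, not FreeRADIUS's constant */

/* Hypothetical stand-in for a decoded certificate time field: both the
 * length and the bytes are chosen by whoever presents the certificate. */
struct cert_time {
    size_t length;
    const unsigned char *data;
};

/* Unsafe pattern (for contrast, never called here): the copy length comes
 * from the certificate and is not compared with the destination size. */
void copy_expiry_unchecked(char *dst, const struct cert_time *t)
{
    memcpy(dst, t->data, t->length);
    dst[t->length] = '\0';
}

/* Hardened form: reject anything that does not fit together with its NUL.
 * Returns 0 on success, -1 if the field is missing or too long. */
int copy_expiry_checked(char *dst, size_t dst_len, const struct cert_time *t)
{
    if (dst == NULL || dst_len == 0)
        return -1;
    dst[0] = '\0';                       /* never leave stale data behind */
    if (t == NULL || t->data == NULL || t->length >= dst_len)
        return -1;
    memcpy(dst, t->data, t->length);
    dst[t->length] = '\0';
    return 0;
}

/* Constructed input: a time field of n bytes ('9' repeated), n <= 256. */
int demo_copy(size_t n, char *out)
{
    static unsigned char field[256];
    memset(field, '9', sizeof(field));
    struct cert_time t = { n, field };
    return copy_expiry_checked(out, EXPIRY_BUF_LEN, &t);
}

int main(void)
{
    char buf[EXPIRY_BUF_LEN];
    printf("13-byte field: %d\n", demo_copy(13, buf));
    printf("200-byte field: %d\n", demo_copy(200, buf));
    return 0;
}
```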