From ${URL} :

Pierre Carrier reported a stack-based buffer overflow flaw in the FreeRADIUS rlm_pap module. An authenticated user could trigger this issue by creating a large password, causing FreeRADIUS to crash. The stack protector and SSP variable re-ordering protections should help prevent this issue from being used to execute arbitrary code.

Upstream fixes:
2.x: https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a.patch
3.x: https://github.com/FreeRADIUS/freeradius-server/commit/ff5147c9e5088c7.patch
master: https://github.com/FreeRADIUS/freeradius-server/commit/f610864d4c8f51d.patch

References:
http://lists.freebsd.org/pipermail/freebsd-bugbusters/2014-February/000610.html

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Arch teams, please test and mark stable: =net-dialup/freeradius-2.2.5
Targeted stable KEYWORDS: amd64 x86
amd64 stable
x86 stable. Maintainer(s), please clean up. Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work. Added to new GLSA Request
This issue was resolved and addressed in GLSA 201406-12 at http://security.gentoo.org/glsa/glsa-201406-12.xml by GLSA coordinator Chris Reffett (creffett).