CVE-2019-11234 (https://nvd.nist.gov/vuln/detail/CVE-2019-11234): FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.

CVE-2019-11235 (https://nvd.nist.gov/vuln/detail/CVE-2019-11235): FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
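The protection mechanism quoted for CVE-2019-11235, together with the reflection check that CVE-2019-11234 concerns, amounts to three checks on a received commit (scalar, element) before it is used. The following is an added illustration written for this bug entry; it is not FreeRADIUS code and does not reproduce the rlm_eap_pwd implementation. It assumes NIST P-256 as the group (standard domain parameters), the range 1 < scalar < r for the scalar, and, for the reflection check, that a peer commit identical to our own is rejected; the function and field names are made up for the example.

```python
"""Validation of a received EAP-pwd/SAE-style commit (scalar, element).

Added example, not FreeRADIUS code. Assumptions: NIST P-256 as the group,
scalar range 1 < s < r, and rejection of a commit that mirrors our own.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

# NIST P-256 domain parameters, assumed standard values: y^2 = x^3 + a*x + b (mod p)
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
R = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551  # group order r
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

Point = Tuple[int, int]  # affine (x, y); the point at infinity is never a valid element here


def is_on_curve(pt: Point) -> bool:
    """Affine point validation: coordinates reduced mod p and satisfying the curve equation."""
    x, y = pt
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x + A * x + B)) % P == 0


def scalar_in_range(s: int) -> bool:
    """Assumed range check: 1 < s < r (0, 1 and anything >= r are rejected)."""
    return 1 < s < R


@dataclass(frozen=True)
class Commit:
    scalar: int
    element: Point


def validate_peer_commit(own: Commit, peer: Commit) -> Optional[str]:
    """Return None if the peer commit is acceptable, otherwise the rejection reason.

    Order matters: range and on-curve checks come first so that no arithmetic is
    ever performed on an invalid element; the reflection check then refuses a
    commit that simply mirrors the values we sent.
    """
    if not scalar_in_range(peer.scalar):
        return "scalar out of range"
    if not is_on_curve(peer.element):
        return "element not on curve"
    if peer.scalar == own.scalar and peer.element == own.element:
        return "reflected commit"
    return None


def demo() -> dict:
    """Run the validator over constructed commits and return the outcomes by name."""
    own = Commit(scalar=0x1234_5678, element=G)          # constructed own commit
    off_curve = (G[0], (G[1] + 1) % P)                   # constructed invalid element
    cases = {
        "valid": Commit(scalar=7, element=G),
        "scalar_zero": Commit(scalar=0, element=G),
        "scalar_one": Commit(scalar=1, element=G),
        "scalar_order": Commit(scalar=R, element=G),
        "off_curve": Commit(scalar=7, element=off_curve),
        "reflected": own,
    }
    return {name: validate_peer_commit(own, c) for name, c in cases.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:13s} -> {'accepted' if verdict is None else verdict}")
```

The on-curve test deliberately runs before any comparison with our own values, so a malformed element is rejected without being fed into group arithmetic; the reflection check is a plain equality on the received pair, which is all the quoted description of CVE-2019-11234 implies.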
A new vulnerability has been reported. 3) CVE-2019-20510 Description: "rlm_eap/types/rlm_eap_pwd/eap_pwd.c in the EAP-pwd implementation in FreeRADIUS before 3.0.20 allows remote attackers to discover passwords because there is a side-channel information leak associated with the Hunting and Pecking abort for excessive iterations." Patch: https://github.com/janetuk/freeradius/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa
A new vulnerability has been reported. 4) CVE-2019-17185 Description: "In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This means multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack." Fix is in 3.0.20: https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_20
@maintainer(s), please cleanup <3.0.20.
The bug has been referenced in the following commit(s):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8475a815d7bb356fa09d69b130833ae08f63873c

commit 8475a815d7bb356fa09d69b130833ae08f63873c
Author: Daniele Rondina <geaaru@gmail.com>
AuthorDate: 2020-04-16 16:44:49 +0000
Commit: Joonas Niilola <juippis@gentoo.org>
CommitDate: 2020-04-17 07:35:56 +0000

net-dialup/freeradius: Drop old

Package-Manager: Portage-2.3.69, Repoman-2.3.14
Bug: https://bugs.gentoo.org/685840
Signed-off-by: Daniele Rondina <geaaru@gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/15369
Signed-off-by: Joonas Niilola <juippis@gentoo.org>

 net-dialup/freeradius/Manifest                    |   4 -
 .../files/freeradius-3.0.18-systemd-service.patch |  34 ---
 .../files/freeradius-3.0.19-systemd-service.patch |  53 -----
 net-dialup/freeradius/files/freeradius.service    |  15 --
 net-dialup/freeradius/freeradius-3.0.15.ebuild    | 227 -------------------
 net-dialup/freeradius/freeradius-3.0.17.ebuild    | 240 --------------------
 net-dialup/freeradius/freeradius-3.0.18-r1.ebuild | 244 ---------------------
 net-dialup/freeradius/freeradius-3.0.19.ebuild    | 242 --------------------
 8 files changed, 1059 deletions(-)
Thanks for quick cleanup.
GLSA Vote: No. Thank you all for your work. Closing as [noglsa].