FreeRadius < 3.0.14 suffers from a bug in the caching mechanism, as reported in "CVE-2017-9148 FreeRADIUS TLS resumption authentication bypass", as you can read here: http://seclists.org/oss-sec/2017/q2/342 There is a version 3.0.14 out, which fixes the bug.
net/freeradius has been deleted, assuming this is for net/freeradius3. Assign to maintainer accordingly. It appears net/freeradius2 (EoL) is also affected, the port for which has not been deprecated/deleted. It does not appear a patch for 2.2.9 has been created (I could not identify one on initial view). Both ports have the same maintainer.
Of course, I meant net/freeradius3.
Update to 3.0.14 committed.
A commit references this bug: Author: zi Date: Thu Jun 1 14:02:31 UTC 2017 New revision: 442287 URL: https://svnweb.freebsd.org/changeset/ports/442287 Log: - Update to 3.0.14 PR: 219662 Requested by: ohartmann@walstatt.org Security: 673dce46-46d0-11e7-a539-0050569f7e80 Changes: head/net/freeradius3/Makefile head/net/freeradius3/distinfo head/net/freeradius3/pkg-plist
A commit references this bug: Author: zi Date: Thu Jun 1 14:03:40 UTC 2017 New revision: 442288 URL: https://svnweb.freebsd.org/changeset/ports/442288 Log: MFH: r442287 - Update to 3.0.14 PR: 219662 Requested by: ohartmann@walstatt.org Security: 673dce46-46d0-11e7-a539-0050569f7e80 Approved by: ports-secteam (with hat) Changes: _U branches/2017Q2/ branches/2017Q2/net/freeradius3/Makefile branches/2017Q2/net/freeradius3/distinfo branches/2017Q2/net/freeradius3/pkg-plist