Bug 201058 - net/freeradius2: [security] FreeRADIUS insufficent CRL application (CVE-2015-4680)
Summary: net/freeradius2: [security] FreeRADIUS insufficent CRL application (CVE-2015-...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Ryan Steinmetz
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-06-22 22:05 UTC by Jason Unovitch
Modified: 2015-07-13 11:43 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (zi)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Jason Unovitch freebsd_committer freebsd_triage 2015-06-22 22:05:09 UTC
Seen today on oss-security mailing list:
http://www.ocert.org/advisories/ocert-2015-008.html
Comment 1 Ryan Steinmetz freebsd_committer freebsd_triage 2015-06-23 05:55:55 UTC
I will update the ports once the fixed versions have been released.  As of minutes ago, they are not yet out.
Comment 2 Jason Unovitch freebsd_committer freebsd_triage 2015-07-13 10:07:06 UTC
Thanks.  We should just need an MFH to 2015Q3 of the 2.2.7 -> 2.2.8 update then PR is ready for close.
Comment 3 Ryan Steinmetz freebsd_committer freebsd_triage 2015-07-13 11:37:10 UTC
Port updated to 2.2.8