Hello community, here is the log from the commit of package freeradius-server checked in at Thu Oct 9 12:18:30 CEST 2008. -------- --- freeradius-server/freeradius-server.changes 2008-09-15 12:37:52.000000000 +0200 +++ /mounts/work_src_done/STABLE/freeradius-server/freeradius-server.changes 2008-10-09 11:41:37.000000000 +0200 
@@ -1,0 +2,28 @@ +Thu Oct 9 11:41:06 CEST 2008 - prusnak@suse.cz + +- fixed CVE-2008-4474 [bnc#433762] + +------------------------------------------------------------------- +Thu Oct 9 11:37:04 CEST 2008 - prusnak@suse.cz + +- updated to 2.1.1 + o Feature Improvements + * Many more options and features are available via radmin. + See man radmin and raddb/sites-available/control-socket. + * Many more commands available via the control socket. + Connect via radmin, and type help for more information. + * Added dictionary.networkphysics and dictionary.lancom. + * Calculate WiMAX MIP keys, and added sample WiMAX SQL tables. + o Bug Fixes + * Fixed bug that made radmin not work. + * Fixed Suse && Debian package scripts. + * Fixed issues with dynamic clients. + * Fixed configure checks for -lreadline + * rlm_sqlippool no longer needs to be linked to rlm_sql. + * Add statistics for detail file listeners. This closes bug #593. + * Fixed printing of some WiMAX attributes. + * Fixed double free on exit() in rlm_attr_filter. + * Fixed build issues on Solaris. + * Fixed fast session resumption for EAP-TLS. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- freeradius-server-2.1.0-codecleanup.patch freeradius-server-2.1.0-dialup_admin.patch freeradius-server-2.1.0-ltdl.patch freeradius-server-2.1.0-rcradiusd.patch freeradius-server-2.1.0.tar.bz2 New: ---- freeradius-server-2.1.1-codecleanup.patch freeradius-server-2.1.1-CVE-2008-4474.patch freeradius-server-2.1.1-dialup_admin.patch freeradius-server-2.1.1-ltdl.patch freeradius-server-2.1.1-rcradiusd.patch freeradius-server-2.1.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ freeradius-server.spec ++++++ --- /var/tmp/diff_new_pack.o27775/_old 2008-10-09 12:18:02.000000000 +0200 +++ /var/tmp/diff_new_pack.o27775/_new 2008-10-09 12:18:02.000000000 +0200 
@@ -1,5 +1,5 @@ # -# spec file for package freeradius-server (Version 2.1.0) +# spec file for package freeradius-server (Version 2.1.1) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -18,8 +18,8 @@ Name: freeradius-server -Version: 2.1.0 -Release: 4 +Version: 2.1.1 +Release: 1 License: GPL v2 only; LGPL v2.1 only Group: Productivity/Networking/Radius/Servers Provides: radiusd @@ -33,6 +33,7 @@ Patch1: %{name}-%{version}-dialup_admin.patch Patch2: %{name}-%{version}-rcradiusd.patch Patch3: %{name}-%{version}-codecleanup.patch +Patch4: %{name}-%{version}-CVE-2008-4474.patch PreReq: %{_sbindir}/useradd %{_sbindir}/groupadd PreReq: perl PreReq: %insserv_prereq %fillup_prereq @@ -209,6 +210,7 @@ %patch1 %patch2 %patch3 +%patch4 %build #export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -fstack-protector" 
@@ -433,6 +435,28 @@ %attr(644,root,root) %{_includedir}/freeradius/*.h %changelog +* Thu Oct 09 2008 prusnak@suse.cz +- fixed CVE-2008-4474 [bnc#433762] +* Thu Oct 09 2008 prusnak@suse.cz +- updated to 2.1.1 + o Feature Improvements + * Many more options and features are available via radmin. + See man radmin and raddb/sites-available/control-socket. + * Many more commands available via the control socket. + Connect via radmin, and type help for more information. + * Added dictionary.networkphysics and dictionary.lancom. + * Calculate WiMAX MIP keys, and added sample WiMAX SQL tables. + o Bug Fixes + * Fixed bug that made radmin not work. + * Fixed Suse && Debian package scripts. + * Fixed issues with dynamic clients. + * Fixed configure checks for -lreadline + * rlm_sqlippool no longer needs to be linked to rlm_sql. + * Add statistics for detail file listeners. This closes bug #593. + * Fixed printing of some WiMAX attributes. + * Fixed double free on exit() in rlm_attr_filter. + * Fixed build issues on Solaris. + * Fixed fast session resumption for EAP-TLS. * Mon Sep 15 2008 ro@suse.de - make radrelay a hardlink to radiusday (instead of identical copy) * Tue Sep 09 2008 prusnak@suse.cz ++++++ freeradius-server-2.1.0-codecleanup.patch -> freeradius-server-2.1.1-codecleanup.patch ++++++ ++++++ freeradius-server-2.1.1-CVE-2008-4474.patch ++++++ --- dialup_admin/bin/clean_radacct +++ dialup_admin/bin/clean_radacct @@ -5,6 +5,7 @@ # Works with mysql and postgresql # use POSIX; +use File::Temp; $conf=shift||'/usr/share/dialup_admin/conf/admin.conf'; $back_days = 35; 
@@ -42,11 +43,10 @@ $query = "DELETE FROM $sql_accounting_table WHERE AcctStopTime IS NULL AND AcctStartTime < '$date';"; print "$query\n"; -open TMP, ">/tmp/clean_radacct.query" - or die "Could not open tmp file\n"; -print TMP $query; -close TMP; -$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database /tmp/tot_stats.query" - or die "Could not open tmp file\n"; -print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle'); -print TMP $query1; -print TMP $query2; -close TMP; -$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database /tmp/tot_stats.query" - or die "Could not open tmp file\n"; -print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle'); -print TMP $query1; -print TMP $query2; -close TMP; -$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database /tmp/truncate_radacct.query" - or die "Could not open tmp file\n"; -print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle'); -print TMP $query; -close TMP; -$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database freeradius-server-2.1.1-dialup_admin.patch ++++++ ++++++ freeradius-server-2.1.0-ltdl.patch -> freeradius-server-2.1.1-ltdl.patch ++++++ ++++++ freeradius-server-2.1.0-rcradiusd.patch -> freeradius-server-2.1.1-rcradiusd.patch ++++++ ++++++ freeradius-server-2.1.0.tar.bz2 -> freeradius-server-2.1.1.tar.bz2 ++++++ ++++ 11270 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...
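
Review bot: the new entry "- fixed CVE-2008-4474 [bnc#433762]" in freeradius-server.changes (hunk @@ -1,0 +2,28 @@, repeated in the spec %changelog) gives only the identifiers and not what was changed. Someone reading the RPM changelog cannot tell which component is affected. Suggest adding that the dialup_admin/bin scripts no longer write their SQL to fixed file names under /tmp, which is what the patch to clean_radacct removes (">/tmp/clean_radacct.query").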
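
Review bot: "Patch4: %{name}-%{version}-CVE-2008-4474.patch" in freeradius-server.spec (hunk @@ -33,6 +33,7 @@) carries no comment saying what the patch fixes or when it can be dropped. Because the file name embeds %{version}, the patch is renamed on every bump, as the Old/New file lists show for the other four patches, so nothing in its name will flag when it has become obsolete. Suggest a comment line above Patch4 with the bug reference (bnc#433762) and the files it touches (dialup_admin/bin), so the next update can check the fix against the new tarball instead of carrying the patch forward blindly.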
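
Review bot: the File::Temp replacement for `open TMP, ">/tmp/clean_radacct.query"` in hunk @@ -42,11 +43,10 @@ of dialup_admin/bin/clean_radacct needs checking on two points, because its added lines are not visible in this mail. First, the handle has to be closed or flushed before $command runs, otherwise the SQL client can read an empty or partial file. Second, the file has to be removed afterwards: the File::Temp object interface unlinks on destruction by default, but the tempfile() function does not unless UNLINK => 1 is passed, and then the query files would accumulate in /tmp. The removed lines for /tmp/tot_stats.query (which appears twice) and /tmp/truncate_radacct.query follow the same pattern, so the same checks apply to those scripts. Separately, the removed $command lines pass $sql_password as an argument to $sqlcmd. If the new lines keep that form, the database password remains visible in the process list while the command runs, and a follow-up should move it out of the argument list.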