oss-sec mailing list archives
CVE request: freeradius
From: Vincent Danen <vdanen () redhat com>
Date: Fri, 1 Oct 2010 10:29:50 -0600
Requesting CVE names for two flaws fix in freeradius 2.1.10: DoS via certain DHCP requests [1] https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=77 [2] http://secunia.com/advisories/41621 [3] http://github.com/alandekok/freeradius-server/commit/4dc7800b866f889a1247685bbaa6dd4238a56279 [4] https://bugzilla.redhat.com/show_bug.cgi?id=639390 crash when processing requests queued for more than 30 seconds [1] https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35 [2] http://secunia.com/advisories/41621 [3] http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223 [4] https://bugzilla.redhat.com/show_bug.cgi?id=639397 Both issues only affect 2.1.x (1.1.x does not have the affected files or functions). It looks as though the first issue only affected 2.1.9; I'm not yet sure if or how far the second issue may go back. Could two CVE names be assigned to this issue please? Thanks! --Vincent Danen / Red Hat Security Response Team
Current thread:
- CVE request: freeradius Vincent Danen (Oct 01)
- Re: CVE request: freeradius Josh Bressers (Oct 01)