Oval Definition:oval:org.opensuse.security:def:74819
Revision Date:2020-12-01Version:1
Title:Security update for freeradius-server (Important)
Description:

This update for freeradius-server fixes the following issues:

Security issues fixed:

- CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points (bsc#1132549). - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privous values back to the server (bsc#1132664).

This update was imported from the SUSE:SLE-15:Update update project.
Family:unixClass:patch
Status:Reference(s):1132549
1132664
1172906
1172935
1173197
CVE-2019-11234
CVE-2019-11235
CVE-2020-14093
CVE-2020-14154
CVE-2020-14954
openSUSE-SU-2020:0542-1
openSUSE-SU-2020:0903-1
Platform(s):openSUSE Leap 15.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • freeradius-server-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-devel-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-doc-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-krb5-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-ldap-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-libs-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-mysql-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-perl-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-postgresql-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-python-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-sqlite-3.0.16-lp151.4.3 is installed
  • OR freeradius-server-utils-3.0.16-lp151.4.3 is installed
    • BACK