Oval Definition:oval:org.opensuse.security:def:82813
Revision Date:2019-04-25Version:1
Title:Security update for freeradius-server (Important)
Description:

This update for freeradius-server fixes the following issues:

Security issues fixed:

- CVE-2019-11235: Fixed an authentication bypass related to the EAP-PWD Commit frame and insufficent validation of elliptic curve points (bsc#1132549). - CVE-2019-11234: Fixed an authentication bypass caused by reflecting privous values back to the server (bsc#1132664).
Family:unixClass:patch
Status:Reference(s):1132549
1132664
CVE-2019-11234
CVE-2019-11235
Platform(s):SUSE Linux Enterprise Server 12 SP2-ESPOS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • freeradius-server-3.0.3-17.12.1 is installed
  • OR freeradius-server-doc-3.0.3-17.12.1 is installed
  • OR freeradius-server-krb5-3.0.3-17.12.1 is installed
  • OR freeradius-server-ldap-3.0.3-17.12.1 is installed
  • OR freeradius-server-libs-3.0.3-17.12.1 is installed
  • OR freeradius-server-mysql-3.0.3-17.12.1 is installed
  • OR freeradius-server-perl-3.0.3-17.12.1 is installed
  • OR freeradius-server-postgresql-3.0.3-17.12.1 is installed
  • OR freeradius-server-python-3.0.3-17.12.1 is installed
  • OR freeradius-server-sqlite-3.0.3-17.12.1 is installed
  • OR freeradius-server-utils-3.0.3-17.12.1 is installed
    • BACK