17 Jul
2017
17 Jul
'17
10:19 a.m.
Alan DeKok wrote:
Guido Vranken found some issues with OpenVPN, so I asked him to look at FreeRADIUS. The good news is we're releasing new versions of the server. The bad news is he found things: http://freeradius.org/security/fuzzer-2017.html
Thank you for the diligence and heads up. Question: Of the bugs affecting RADIUS protocol itself, it looks like they apply to some attributes that to many of us would be considered esoteric... is an attribute filter going to kill those before the affected code gets hit, or not?