Existing tags being modified on 2026-04-01
Stuff like this worries me with all the supply chain attacks going around. We are still expecting lots of fallout from the Trivy compromise. There's no reason to believe the LiteLLM was the only one. bjorn@canardo:/usr/local/src/git/freeradius$ git fetch --all --tags --prune Fetching origin remote: Enumerating objects: 265, done. remote: Counting objects: 100% (137/137), done. remote: Compressing objects: 100% (18/18), done. remote: Total 265 (delta 119), reused 137 (delta 119), pack-reused 128 (from 3) Receiving objects: 100% (265/265), 92.91 KiB | 2.02 MiB/s, done. Resolving deltas: 100% (129/129), completed with 14 local objects.
From https://github.com/FreeRADIUS/freeradius-server 0e6dc8c2bde7..fa8ca050f3d7 v3.2.x -> origin/v3.2.x ! [rejected] branch_3_1_x -> branch_3_1_x (would clobber existing tag) ! [rejected] branch_4_0_0 -> branch_4_0_0 (would clobber existing tag) ! [rejected] first-build -> first-build (would clobber existing tag) ! [rejected] release_0_1_0 -> release_0_1_0 (would clobber existing tag) ! [rejected] release_0_2_0 -> release_0_2_0 (would clobber existing tag) ! [rejected] release_0_3_0 -> release_0_3_0 (would clobber existing tag) ! [rejected] release_0_4_0 -> release_0_4_0 (would clobber existing tag) ! [rejected] release_0_5_0 -> release_0_5_0 (would clobber existing tag) ! [rejected] release_0_6_0 -> release_0_6_0 (would clobber existing tag) ! [rejected] release_0_7_0 -> release_0_7_0 (would clobber existing tag) ! [rejected] release_0_7_1 -> release_0_7_1 (would clobber existing tag) ! [rejected] release_0_8_1 -> release_0_8_1 (would clobber existing tag) ! [rejected] release_0_9_0 -> release_0_9_0 (would clobber existing tag) ! [rejected] release_0_9_0_final -> release_0_9_0_final (would clobber existing tag) ! [rejected] release_0_9_0_pre2 -> release_0_9_0_pre2 (would clobber existing tag) ! [rejected] release_0_9_0_pre3 -> release_0_9_0_pre3 (would clobber existing tag) ! [rejected] release_0_9_1 -> release_0_9_1 (would clobber existing tag) ! [rejected] release_0_9_2 -> release_0_9_2 (would clobber existing tag) ! [rejected] release_0_9_3 -> release_0_9_3 (would clobber existing tag) ! [rejected] release_1_0_0 -> release_1_0_0 (would clobber existing tag) ! [rejected] release_1_0_0_pre1 -> release_1_0_0_pre1 (would clobber existing tag) ! [rejected] release_1_0_0_pre2 -> release_1_0_0_pre2 (would clobber existing tag) ! [rejected] release_1_0_0_pre3 -> release_1_0_0_pre3 (would clobber existing tag) ! [rejected] release_1_0_1 -> release_1_0_1 (would clobber existing tag) ! [rejected] release_1_0_2 -> release_1_0_2 (would clobber existing tag) ! [rejected] release_1_0_3 -> release_1_0_3 (would clobber existing tag) ! [rejected] release_1_0_4 -> release_1_0_4 (would clobber existing tag) ! [rejected] release_1_0_5 -> release_1_0_5 (would clobber existing tag) ! [rejected] release_1_1_0 -> release_1_1_0 (would clobber existing tag) ! [rejected] release_1_1_0_pre0 -> release_1_1_0_pre0 (would clobber existing tag) ! [rejected] release_1_1_1 -> release_1_1_1 (would clobber existing tag) ! [rejected] release_1_1_2 -> release_1_1_2 (would clobber existing tag) ! [rejected] release_1_1_3 -> release_1_1_3 (would clobber existing tag) ! [rejected] release_1_1_4 -> release_1_1_4 (would clobber existing tag) ! [rejected] release_1_1_5 -> release_1_1_5 (would clobber existing tag) ! [rejected] release_1_1_6 -> release_1_1_6 (would clobber existing tag) ! [rejected] release_1_1_7 -> release_1_1_7 (would clobber existing tag) ! [rejected] release_1_1_8 -> release_1_1_8 (would clobber existing tag) ! [rejected] release_2_0_0 -> release_2_0_0 (would clobber existing tag) ! [rejected] release_2_0_0_pre1 -> release_2_0_0_pre1 (would clobber existing tag) ! [rejected] release_2_0_0_pre2 -> release_2_0_0_pre2 (would clobber existing tag) ! [rejected] release_2_0_1 -> release_2_0_1 (would clobber existing tag) ! [rejected] release_2_0_2 -> release_2_0_2 (would clobber existing tag) ! [rejected] release_2_0_3 -> release_2_0_3 (would clobber existing tag) ! [rejected] release_2_0_4 -> release_2_0_4 (would clobber existing tag) ! [rejected] release_2_0_5 -> release_2_0_5 (would clobber existing tag) ! [rejected] release_2_1_0 -> release_2_1_0 (would clobber existing tag) ! [rejected] release_2_1_1 -> release_2_1_1 (would clobber existing tag) ! [rejected] release_2_1_10 -> release_2_1_10 (would clobber existing tag) ! [rejected] release_2_1_11 -> release_2_1_11 (would clobber existing tag) ! [rejected] release_2_1_12 -> release_2_1_12 (would clobber existing tag) ! [rejected] release_2_1_2 -> release_2_1_2 (would clobber existing tag) ! [rejected] release_2_1_3 -> release_2_1_3 (would clobber existing tag) ! [rejected] release_2_1_4 -> release_2_1_4 (would clobber existing tag) ! [rejected] release_2_1_6 -> release_2_1_6 (would clobber existing tag) ! [rejected] release_2_1_7 -> release_2_1_7 (would clobber existing tag) ! [rejected] release_2_1_8 -> release_2_1_8 (would clobber existing tag) ! [rejected] release_2_1_9 -> release_2_1_9 (would clobber existing tag) ! [rejected] release_2_2_0 -> release_2_2_0 (would clobber existing tag) ! [rejected] release_2_2_1 -> release_2_2_1 (would clobber existing tag) ! [rejected] release_2_2_10 -> release_2_2_10 (would clobber existing tag) ! [rejected] release_2_2_2 -> release_2_2_2 (would clobber existing tag) ! [rejected] release_2_2_3 -> release_2_2_3 (would clobber existing tag) ! [rejected] release_2_2_4 -> release_2_2_4 (would clobber existing tag) ! [rejected] release_2_2_5 -> release_2_2_5 (would clobber existing tag) ! [rejected] release_2_2_6 -> release_2_2_6 (would clobber existing tag) ! [rejected] release_2_2_7 -> release_2_2_7 (would clobber existing tag) ! [rejected] release_2_2_8 -> release_2_2_8 (would clobber existing tag) ! [rejected] release_2_2_9 -> release_2_2_9 (would clobber existing tag) ! [rejected] release_3.0.8 -> release_3.0.8 (would clobber existing tag) ! [rejected] release_3_0_0 -> release_3_0_0 (would clobber existing tag) ! [rejected] release_3_0_0_beta0 -> release_3_0_0_beta0 (would clobber existing tag) ! [rejected] release_3_0_0_beta1 -> release_3_0_0_beta1 (would clobber existing tag) ! [rejected] release_3_0_0_rc0 -> release_3_0_0_rc0 (would clobber existing tag) ! [rejected] release_3_0_0_rc1 -> release_3_0_0_rc1 (would clobber existing tag) ! [rejected] release_3_0_1 -> release_3_0_1 (would clobber existing tag) ! [rejected] release_3_0_10 -> release_3_0_10 (would clobber existing tag) ! [rejected] release_3_0_11 -> release_3_0_11 (would clobber existing tag) ! [rejected] release_3_0_12 -> release_3_0_12 (would clobber existing tag) ! [rejected] release_3_0_13 -> release_3_0_13 (would clobber existing tag) ! [rejected] release_3_0_14 -> release_3_0_14 (would clobber existing tag) ! [rejected] release_3_0_15 -> release_3_0_15 (would clobber existing tag) ! [rejected] release_3_0_16 -> release_3_0_16 (would clobber existing tag) ! [rejected] release_3_0_17 -> release_3_0_17 (would clobber existing tag) ! [rejected] release_3_0_18 -> release_3_0_18 (would clobber existing tag) ! [rejected] release_3_0_19 -> release_3_0_19 (would clobber existing tag) ! [rejected] release_3_0_2 -> release_3_0_2 (would clobber existing tag) ! [rejected] release_3_0_20 -> release_3_0_20 (would clobber existing tag) ! [rejected] release_3_0_21 -> release_3_0_21 (would clobber existing tag) ! [rejected] release_3_0_22 -> release_3_0_22 (would clobber existing tag) ! [rejected] release_3_0_23 -> release_3_0_23 (would clobber existing tag) ! [rejected] release_3_0_24 -> release_3_0_24 (would clobber existing tag) ! [rejected] release_3_0_25 -> release_3_0_25 (would clobber existing tag) ! [rejected] release_3_0_26 -> release_3_0_26 (would clobber existing tag) ! [rejected] release_3_0_27 -> release_3_0_27 (would clobber existing tag) ! [rejected] release_3_0_3 -> release_3_0_3 (would clobber existing tag) ! [rejected] release_3_0_4 -> release_3_0_4 (would clobber existing tag) ! [rejected] release_3_0_4_rc0 -> release_3_0_4_rc0 (would clobber existing tag) ! [rejected] release_3_0_4_rc1 -> release_3_0_4_rc1 (would clobber existing tag) ! [rejected] release_3_0_4_rc2 -> release_3_0_4_rc2 (would clobber existing tag) ! [rejected] release_3_0_5 -> release_3_0_5 (would clobber existing tag) ! [rejected] release_3_0_6 -> release_3_0_6 (would clobber existing tag) ! [rejected] release_3_0_7 -> release_3_0_7 (would clobber existing tag) ! [rejected] release_3_0_8 -> release_3_0_8 (would clobber existing tag) ! [rejected] release_3_0_9 -> release_3_0_9 (would clobber existing tag) ! [rejected] release_3_2_0 -> release_3_2_0 (would clobber existing tag) ! [rejected] release_3_2_1 -> release_3_2_1 (would clobber existing tag) ! [rejected] release_3_2_2 -> release_3_2_2 (would clobber existing tag) ! [rejected] release_3_2_3 -> release_3_2_3 (would clobber existing tag) ! [rejected] release_3_2_4 -> release_3_2_4 (would clobber existing tag) ! [rejected] release_3_2_5 -> release_3_2_5 (would clobber existing tag) ! [rejected] release_3_2_6 -> release_3_2_6 (would clobber existing tag) ! [rejected] release_3_2_7 -> release_3_2_7 (would clobber existing tag) ! [rejected] release_3_2_8 -> release_3_2_8 (would clobber existing tag) error: could not fetch origin Fetching bmork@github
Comparing a small subset of the tags on github with my local copies, I see this on github: bjorn@canardo:/usr/local/src/git/freeradius$ git ls-remote --tags origin refs/tags/release_3_2_* 69c4b9c4e6e40a69db27049cb6ea65568c1f8c50 refs/tags/release_3_2_0 87528a85decda00b86cf00ad640dc14558e1ca88 refs/tags/release_3_2_0^{} 795def425e5902a714567a14cbaf36717a199765 refs/tags/release_3_2_1 3b86b8fab3574bc860688a55b4c8f70ebc054f15 refs/tags/release_3_2_1^{} 723efbe8846e32852e4a0552400db932ed119913 refs/tags/release_3_2_2 b9ed73ef2d2628fa6e2a6d15a7782f8217966be0 refs/tags/release_3_2_2^{} 902152f616f6c67f91152707663258edaf3dae75 refs/tags/release_3_2_3 db3d1924d9a2e8d37c43872932621f69cfdbb099 refs/tags/release_3_2_3^{} 4f0566bed21fd88c4c93a18094a666cd04573049 refs/tags/release_3_2_4 7e8f34ec57ca854709672f7f3e4a341ff2f0b550 refs/tags/release_3_2_4^{} 64440a14ca3c666883aeb5e0a47ae226448b4a30 refs/tags/release_3_2_5 a7acce80f5ba2271d9aeb737a4a91a5bf8317f31 refs/tags/release_3_2_5^{} e23d0f459b893f8e09eb4423e947f64a2caf6cf0 refs/tags/release_3_2_6 a696279897f9e87c2fb2b1b8388da5a4aa09835f refs/tags/release_3_2_6^{} daf925decd4873c252839de116778c90c2e5d97c refs/tags/release_3_2_7 694a97dddbdd26423504afe7c530e8e1502b7354 refs/tags/release_3_2_7^{} 004dafca9f3601453cd3cc08f36493b708ce55cf refs/tags/release_3_2_8 032be31bb52646171099617928ec1703335bcf73 refs/tags/release_3_2_8^{} While I've got: bjorn@canardo:/usr/local/src/git/freeradius$ git tag --list --format='%(objectname) %(refname)' release_3_2_* 87528a85decda00b86cf00ad640dc14558e1ca88 refs/tags/release_3_2_0 3b86b8fab3574bc860688a55b4c8f70ebc054f15 refs/tags/release_3_2_1 b9ed73ef2d2628fa6e2a6d15a7782f8217966be0 refs/tags/release_3_2_2 db3d1924d9a2e8d37c43872932621f69cfdbb099 refs/tags/release_3_2_3 7e8f34ec57ca854709672f7f3e4a341ff2f0b550 refs/tags/release_3_2_4 a7acce80f5ba2271d9aeb737a4a91a5bf8317f31 refs/tags/release_3_2_5 a696279897f9e87c2fb2b1b8388da5a4aa09835f refs/tags/release_3_2_6 694a97dddbdd26423504afe7c530e8e1502b7354 refs/tags/release_3_2_7 032be31bb52646171099617928ec1703335bcf73 refs/tags/release_3_2_8 So my tags match the odd tag names with a '^{}' suffix. The new tags seem to all be gpg signed objects referencing the same object as the old tag. For example: bjorn@canardo:/usr/local/src/git/freeradius$ git show 004dafca9f3601453cd3cc08f36493b708ce55cf tag release_3_2_8 Tagger: Alan T. DeKok <aland@freeradius.org> Date: Wed Apr 1 18:35:01 2026 -0400 release_3_2_8 -----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEE8n1lTTL4FC4LtEWpfQ55zXdiHs0FAmnNnZUACgkQfQ55zXdi Hs0VJQf/fcukNADXI9Nc1iP2xEWok0T9yKD/IsXNp27kKzvdItXDT4WSAJRV454f FObLabOcMAfvomBiBGZfVLoNoCFrnG0hOF+cBGCRMYFqRDFTt65UXxb9NWAF0Dw+ kJznNS02Ds/bWxgMA1r7GYkoLqs+Klwg79DuBhmwnXNcj4sr6ifx9NVxOugab+YC c7X+aunFfDonj6UGJYfAITjlkvdHgvenK15e1UDzYtDzPRsw41Eesa7E0ea+ZlMo 44SNFWcyXuXyXukQhgr12tdtgOvBQ8GYGwDt/2DUAVz4wUrM7rcq+6y+8LJM77ef sCqvUF4RNdR2SiZAMbqy+gUe98DJYg== =7bE2 -----END PGP SIGNATURE----- commit 032be31bb52646171099617928ec1703335bcf73 (tag: release_3_2_8) gpg: Signature made Wed Aug 20 18:29:15 2025 CEST gpg: using RSA key A5C5E99DFB9B5C1F70A7A2FFD9B933C12AED74F0 gpg: issuer "matthew-git@newtoncomputing.co.uk" gpg: Good signature from "Matthew Newton (git signing key) <matthew-git@newtoncomputing.co.uk>" [full] gpg: matthew-git@newtoncomputing.co.uk: Verified 284 signatures in the past 2 months. Encrypted 0 messages. Primary key fingerprint: A5C5 E99D FB9B 5C1F 70A7 A2FF D9B9 33C1 2AED 74F0 Author: Matthew Newton <matthew-git@newtoncomputing.co.uk> Date: Wed Aug 20 17:29:15 2025 +0100 release 3.2.8 diff --git a/debian/changelog b/debian/changelog index a004b9adecca..d24614ea2720 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,7 +2,7 @@ freeradius (3.2.8+git) unstable; urgency=medium * New upstream version. - -- Alan DeKok <aland@freeradius.org> Fri, 31 Jan 2025 12:00:00 +0000 + -- Alan DeKok <aland@freeradius.org> Wed, 20 Aug 2025 12:00:00 +0000 freeradius (3.2.7+git) unstable; urgency=medium diff --git a/doc/ChangeLog b/doc/ChangeLog index c7e59bef42c8..b7ec777822c4 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,4 +1,4 @@ -FreeRADIUS 3.2.8 Fri 31 Jan 2025 12:00:00 UTC urgency=low +FreeRADIUS 3.2.8 Wed 20 Aug 2025 12:00:00 UTC urgency=low Configuration changes * Replace dictionary.infinera with the correct one. * Update dictionary.alteon @@ -25,11 +25,9 @@ FreeRADIUS 3.2.8 Fri 31 Jan 2025 12:00:00 UTC urgency=low * Added kafka module. See mods-available/kafka. * json module can now print dates as integers. See mods-available/json - * The debug output now points to the online documentation - in many cases, when there are syntax errors in the - configuration. - * Add support for 389ds password hashes. Patch from - Gerald Vogt. + * The debug output now points to the online documentation in + many cases, when there are syntax errors in the configuration. + * Add support for 389ds password hashes. Patch from Gerald Vogt. * reject_delay does not _add_ a delay, but instead ensures that the reject is delayed for _at least_ that time. This change means that reject_delay can be set in more situations, including So that looks fine. Except this sudden appearance of signatures on all the old tags, reusing the same names. That's very messy. Could anyone please confirm that this intentional and the everything is OK with the github repo? Yes, I can see that the tags are signed by an entity which normally would be trusted.. But these days I have to assume that *any* release credentials could be compromised. The only protection left is the sanity of local clones. And tag updates are as unexpected as any other object modifcations. Bjørn
On Apr 2, 2026, at 5:18 AM, Bjørn Mork via Freeradius-Users <freeradius-users@lists.freeradius.org> wrote:
Stuff like this worries me with all the supply chain attacks going around. We are still expecting lots of fallout from the Trivy compromise. There's no reason to believe the LiteLLM was the only one.
Sorry, I should have posted an announcement to the list. In order to prevent supply chain attacks, we have been signing all commits to the FreeRADIUS repository. I noticed yesterday that the tags weren't signed, so I signed them and did a force push. This unfortunately has the side effect of making it look like the tag changed. In reality, the tag is still pointing to the same commit. But the tag is now annotated with a PGP signature. The intention here is to prevent supply chain attacks. The default behavior of "git" is to complain about this, even though there is no actual conflict in the tag behavior.
So my tags match the odd tag names with a '^{}' suffix. The new tags seem to all be gpg signed objects referencing the same object as the old tag.
Yes.
So that looks fine. Except this sudden appearance of signatures on all the old tags, reusing the same names. That's very messy.
There is no other way to PGP sign the tags in git, unfortunately.
Could anyone please confirm that this intentional and the everything is OK with the github repo?
It's 100% OK. If you check the signatures, you'll see that they are valid.
Yes, I can see that the tags are signed by an entity which normally would be trusted.. But these days I have to assume that *any* release credentials could be compromised. The only protection left is the sanity of local clones. And tag updates are as unexpected as any other object modifcations.
Perhaps. But the tags are still pointing to the same commit, so there is no semantic change in them. Any complaints here are really a git usability issue. Keeping a local copy ensures that you can detect any modifications to the main FreeRADIUS repository. PGP signing the commits ensures that the commits come from a known source. i.e. if you see commits signed by my PGP key which are malicious, you know that my systems have been compromised. Without PGP signatures, anyone with commit access can forge commits as anyone else. This forgery makes it extremely difficult to discover which system was actually compromised. Alan DeKok.
Thanks for clearing that up. And thanks a lot for keeping this list running. The inherent immutability of a traditional mailing list is an important security feature. Bjørn
participants (2)
-
Alan DeKok -
Bjørn Mork