Commit report for v2.x.x branch

The git bot announce at freeradius.org
Wed Feb 4 00:00:01 CET 2015


New activity for FreeRADIUS (the high performance and highly configurable RADIUS server)

======
Merge pull request #898 from spbnick/disable_openssl_vercheck_v2.x.x

Add --disable-openssl-version-check option

Alan DeKok at 2015-02-03T20:40:05Z
Files modified:
	* configure
	* configure.in
	* raddb/radiusd.conf.in
	* src/include/autoconf.h.in
	* src/include/radiusd.h
	* src/main/mainconfig.c
	* src/main/radiusd.c
	* src/main/version.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/5c9ef84f83aa34e3b72afd27439c2ac4ed28b134
====== 
Add --disable-openssl-version-check option

Add "--disable-openssl-version-check" configure option, which removes
checking for vulnerable OpenSSL versions. It is supposed to be used by
downstream packagers and distributions who have other means to ensure
vulnerabilities are fixed, such as versioned package dependencies and
vulnerability handling processes.

This avoids the necessity of editing radiusd.conf on package upgrade to
make sure it keeps working. At the same time, it provides safe default
to those installing FreeRADIUS from source.

Instead of defining a dummy ssl_check_version function and ignoring
allow_vulnerable_openssl option, remove these altogether to match the
v3.0.x branch.

Nikolai Kondrashov at 2015-02-03T15:58:20Z
Files modified:
	* configure
	* configure.in
	* raddb/radiusd.conf.in
	* src/include/autoconf.h.in
	* src/include/radiusd.h
	* src/main/mainconfig.c
	* src/main/radiusd.c
	* src/main/version.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/767c67fc4f2f673a44f89794a3531158dcb7b1ec
====== 
Merge pull request #897 from spbnick/strlcpy_fix

log: Check message buffer length to avoid overflow

Alan DeKok at 2015-02-03T14:32:49Z
Files modified:
	* src/main/log.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/b7c5eecddf78b8706972da928b835cd8c8d57757
====== 
log: Check message buffer length to avoid overflow

Check that adding strlcpy result to the message length didn't exceed
size of the message buffer to avoid underflow in calculating remaining
size and overflowing the buffer.

Nikolai Kondrashov at 2015-02-03T12:10:52Z
Files modified:
	* src/main/log.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/94b88276fbdc14e945a5f37618052725e78a7521
====== 
-- 
This commit summary was generated @2015-02-04T00:00:01Z by lgfeed version 0.00 (https://github.com/arr2036/lgfeed).


More information about the Freeradius-Devel mailing list