Security issues with 1.1.3 flatfile
John Dennis
jdennis at redhat.com
Mon Aug 1 23:50:39 CEST 2011
On 08/01/2011 05:08 PM, d.tom.schmitt at L-3com.com wrote:
> Currently running 1.1.3 on CentOS 5.x.
You really should upgrade to 2.x. In RHEL 5 the package name of the 2.x
version of FreeRADIUS is freeradius2. The reason why the package name is
different is because the configuration of FreeRADIUS versions 1.x are
not the same as 2.x therefore we can't replace the 1.x version with 2.x
because that would break existing installations, thus in RHEL5 we added
new FreeRADIUS packages under the freeradius2 package name.
Of course that's RHEL, I can only presume CentOS is tracking us and
picked up the new freeradius2. In RHEL 6 we didn't have the conflict,
the 2.x version of FreeRADIUS is the expected package name of freeradius.
FWIW a number of the permission and other issues were cleaned up in the
2.x package versions.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeradius-Users
mailing list