Vulnerability in FreeRADIUS
HANCHATE Ravikiran (u5574292)
u5574292 at orange.be
Mon Mar 16 13:22:44 CET 2020
Thank you Alan for your descriptive reply .
From: Freeradius-Users [freeradius-users-bounces+u5574292=orange.be at lists.freeradius.org] on behalf of Alan DeKok [aland at deployingradius.com]
Sent: Monday, 16 March 2020 1:15 PM
To: FreeRadius users mailing list
Cc: HANCHATE Ravikiran (TechM)
Subject: Re: Vulnerability in FreeRADIUS
On Mar 16, 2020, at 8:02 AM, HANCHATE Ravikiran (u5574292) <u5574292 at orange.be> wrote:
> we received Vulnerability in FreeRADIUS , Can you please assist here,
This issue was found and fixed many months ago.
> 1/ How this will impact on our radius infra ?
Do you run EAP-PWD?
no - this doesn't affect you
yes - the description says what the impact is.
> 2/ what steps need to be taken to Apply the Linux Fedora patches regarding the FreeRADIUS vulnerability
Ask Fedora how their system works.
> Please provide step by step guides or implement instructions to Apply the Linux Fedora patches ?
You seem to be operating under the misconception that we *owe* you something. We don't.
The guides and documentation are available on the FreeRADIUS web site, and are included with the source. If you have *specific* questions about them, please ask. Otherwise, if it's too much work for you to look for the guides, then it's too much work for us to look for them, too. If only there was something called "google", or perhaps a "wiki". Or even a "doc" directory in the server. That would be magical...
As for Fedora, ask Fedora how to apply patches to their system. Ask Fedora if they have updated patches.
We supply the source, which you can download and build yourself. Instructions are on the Wiki, and included with the source.
We also supply pre-built packages. Full instructions are on our web site: http://packages.networkradius.com
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This electronic transmission (and any attached document) is intended
exclusively for the person or entity to whom it is addressed and may
contain confidential and/or privileged material.
Any disclosure, copying, distribution or other action based upon
the information by persons or entities other than the intended recipient
is prohibited. If you receive this message in error, please contact the
sender and delete the material from any and all computers.
Orange Belgium does not warrant a proper and complete transmission of this
information, nor does it accept liability for any delays.
Unless clearly and unambiguously stated otherwise, the content of this
e-mail and its attachment is provided to you for information purposes
only, and nothing herein shall be binding upon, or shall constitute or
be construed as a binding offer of Orange Belgium.
*****END OF DISCLAIMER*****
More information about the Freeradius-Users