SUSE-SU-2023:0135-1 -- SLES freeradius-serverID: oval:org.secpod.oval:def:89048159 | Date: (C)2023-02-02 (M)2023-07-21 |
Class: PATCH | Family: unix |
This update for freeradius-server fixes the following issues: - CVE-2022-41859: Fixed an issue in EAP-PWD that could leak information about the password, which could facilitate dictionary attacks . - CVE-2022-41860: Fixed a crash in servers with EAP_SIM manually configured, which could be triggered via a malformed SIM option . - CVE-2022-41861: Fixed a server crash that could be triggered by sending malformed data from a system in the RADIUS circle of trust .
Platform: |
SUSE Linux Enterprise Server 12 SP2 |
Product: |
freeradius-server |