File _patchinfo of Package patchinfo.4927

<patchinfo incident="4927">
  <issue id="1027243" tracker="bnc">freeradius: regex do ignore case insensitive flag</issue>
  <issue id="1041445" tracker="bnc">VUL-0: CVE-2017-9148: freeradius-server: TLS resumption authentication bypass</issue>
  <issue id="2017-9148" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>adamm</packager>
  <description>This update for freeradius-server fixes the following issues:

Security issue fixed:

- CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate
  authentication bypass. (bsc#1041445)

Non security issue fixed:

- Fix case insensitive matching in compiled regular expressions (bsc#1027243)
  
</description>
  <summary>Security update for freeradius-server</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.4927

Places