Overview

File _patchinfo of Package patchinfo.3877

<patchinfo incident="3877">
  <category>security</category>
  <rating>important</rating>
  <packager>adamm</packager>
  <summary>Security update for freeradius-server</summary>
  <description>
This update of freeradius-server fixes several issues.

Security issue fixed:
- CVE-2015-4680: Fixed Insufficent CRL application for intermediate certificates (bsc#935573)

Non security issues fixed:
- Allows FreeRadius Server to start on SUSE Linux Enterprise Server 12 SP2 systems
  by relaxing a too strict openssl version check. (bsc#1013311)
- Fixed radclient error free() invalid pointer (bsc#911886)
- Fixed failing rebuild of freeradius-server package (bsc#951404)
  
  </description>
<issue tracker="bnc" id="935573">VUL-1: CVE-2015-4680: freeradius, freeradius-server: insufficent CRL application for intermediate certificates</issue>
<issue tracker="cve" id="2015-4680"/>
<issue tracker="bnc" id="1013311">L3: libssl version mismatch. built: 1000109f linked: 100020af when starting radiusd -X</issue>
<issue tracker="bnc" id="951404">Rebuild of freeradius-server package fails</issue>
<issue tracker="bnc" id="911886">radclient error free() invalid pointer</issue>
</patchinfo>
openSUSE Build Service is sponsored by
Places