Fedora 9 Update: freeradius-2.1.3-1.fc9
updates at fedoraproject.org
updates at fedoraproject.org
Tue Dec 30 23:42:48 UTC 2008
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-11124
2008-12-10 03:41:42
--------------------------------------------------------------------------------
Name : freeradius
Product : Fedora 9
Version : 2.1.3
Release : 1.fc9
URL : http://www.freeradius.org/
Summary : High-performance and highly configurable free RADIUS server
Description :
The FreeRADIUS Server Project is a high performance and highly configurable
GPL'd free RADIUS server. The server is similar in some respects to
Livingston's 2.0 server. While FreeRADIUS started as a variant of the
Cistron RADIUS server, they don't share a lot in common any more. It now has
many more features than Cistron or Livingston, and is much more configurable.
FreeRADIUS is an Internet authentication daemon, which implements the RADIUS
protocol, as defined in RFC 2865 (and others). It allows Network Access
Servers (NAS boxes) to perform authentication for dial-up users. There are
also RADIUS clients available for Web servers, firewalls, Unix logins, and
more. Using RADIUS allows authentication and authorization for a network to
be centralized, and minimizes the amount of re-configuration which has to be
done when adding or deleting new users.
--------------------------------------------------------------------------------
Update Information:
- upgrade to latest upstream release 2.1.3, upstream summary follows: The
focus of this release is stability. Feature Improvements: * Allow
running with "user=radiusd" and binding to secure sockets. * Start sending
Status-Server "are you alive" messages earlier, which helps with proxying
multiple realms to a home server. * Removed thread pool code from rlm_perl.
It's not necessary. * Added example Perl configuration to
raddb/modules/perl * Force OpenSSL to support certificates with SHA256.
This seems to be necessary for WiMAX certs. Bug fixes: * Fix
Debian patch to allow it to build. * Fix potential NULL dereference in
debugging mode on certain platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions * Fix parsing
of quoted (but non-string) attributes in the "users" file. * Initialize
uknown NAS IP to 255.255.255.255, rather than 0.0.0.0 * use SUN_LEN in
control socket, to avoid truncation on some platforms. * Correct internal
handling of "debug condition" to prevent it from being over-written.
* Check return code of regcomp in "unlang", so that invalid regular
expressions are caught rather than mishandled. * Make rlm_sql use <ltdl.h>.
Addresses bug #610. * Document list "type = status" better. Closes bug
#580. * Set "default days" for certificates, because OpenSSL won't do it.
This closes bug #615. * Reference correct list in example
raddb/modules/ldap. Closes #596. * Increase default schema size for Acct-
Session-Id to 64. Closes #540. * Fix use of temporary files in dialup-
admin. Closes #605 and addresses CVE-2008-4474. * Addressed a
number of minor issues found by Coverity. * Added DHCP option 150 to the
dictionary. Closes #618.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Dec 4 2008 John Dennis <jdennis at redhat.com> - 2.1.3-1
- upgrade to latest upstream release, upstream summary follows:
The focus of this release is stability.
Feature Improvements:
* Allow running with "user=radiusd" and binding to secure sockets.
* Start sending Status-Server "are you alive" messages earlier, which
helps with proxying multiple realms to a home server.
* Removed thread pool code from rlm_perl. It's not necessary.
* Added example Perl configuration to raddb/modules/perl
* Force OpenSSL to support certificates with SHA256. This seems to be
necessary for WiMAX certs.
Bug fixes:
* Fix Debian patch to allow it to build.
* Fix potential NULL dereference in debugging mode on certain
platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions
* Fix parsing of quoted (but non-string) attributes in the "users" file.
* Initialize uknown NAS IP to 255.255.255.255, rather than 0.0.0.0
* use SUN_LEN in control socket, to avoid truncation on some platforms.
* Correct internal handling of "debug condition" to prevent it from
being over-written.
* Check return code of regcomp in "unlang", so that invalid regular
expressions are caught rather than mishandled.
* Make rlm_sql use <ltdl.h>. Addresses bug #610.
* Document list "type = status" better. Closes bug #580.
* Set "default days" for certificates, because OpenSSL won't do it.
This closes bug #615.
* Reference correct list in example raddb/modules/ldap. Closes #596.
* Increase default schema size for Acct-Session-Id to 64. Closes #540.
* Fix use of temporary files in dialup-admin. Closes #605 and
addresses CVE-2008-4474.
* Addressed a number of minor issues found by Coverity.
* Added DHCP option 150 to the dictionary. Closes #618.
* Wed Dec 3 2008 John Dennis <jdennis at redhat.com> - 2.1.1-8
- add --with-system-libtool to configure as a workaround for
undefined reference to lt__PROGRAM__LTX_preloaded_symbols
* Mon Dec 1 2008 John Dennis <jdennis at redhat.com> - 2.1.1-7
- add obsoletes tag for dialupadmin subpackages which were removed
* Mon Dec 1 2008 John Dennis <jdennis at redhat.com> - 2.1.1-5
- add readline-devel BuildRequires
* Fri Nov 21 2008 John Dennis <jdennis at redhat.com> - 2.1.1-3
- make spec file buildable on RHEL5.2 by making perl-devel a fedora only dependency.
- remove diaupadmin packages, it's not well supported and there are problems with it.
* Fri Sep 26 2008 John Dennis <jdennis at redhat.com> - 2.1.1-1
- Resolves: bug #464119 bootstrap code could not create initial certs in /etc/raddb/certs because
permissions were 750, radiusd running as euid radiusd could not write there, permissions now 770
* Thu Sep 25 2008 John Dennis <jdennis at redhat.com> - 2.1.1-1
- upgrade to new upstream 2.1.1 release
* Wed Jul 30 2008 John Dennis <jdennis at redhat.com> - 2.0.5-2
- Resolves: bug #453761: FreeRADIUS %post should not include chown -R
specify file attributes for /etc/raddb/ldap.attrmap
fix consistent use of tabs/spaces (rpmlint warning)
* Mon Jun 9 2008 John Dennis <jdennis at redhat.com> - 2.0.5-1
- upgrade to latest upstream, see Changelog for details,
upstream now has more complete fix for bug #447545, local patch removed
* Wed May 28 2008 John Dennis <jdennis at redhat.com> - 2.0.4-1
- upgrade to latest upstream, see Changelog for details
- resolves: bug #447545: freeradius missing /etc/raddb/sites-available/inner-tunnel
* Fri May 16 2008 <jdennis at redhat.com> - 2.0.3-3
- # Temporary fix for bug #446864, turn off optimization
* Fri Apr 18 2008 John Dennis <jdennis at redhat.com> - 2.0.3-2
- remove support for radrelay, it's different now
- turn off default inclusion of SQL config files in radiusd.conf since SQL
is an optional RPM install
- remove mssql config files
* Thu Apr 17 2008 John Dennis <jdennis at redhat.com> - 2.0.3-1
- Upgrade to current upstream 2.0.3 release
- Many thanks to Enrico Scholz for his spec file suggestions incorporated here
- Resolve: bug #438665: Contains files owned by buildsystem
- Add dialupadmin-mysql, dialupadmin-postgresql, dialupadmin-ldap subpackages
to further partition external dependencies.
- Clean up some unnecessary requires dependencies
- Add versioned requires between subpackages
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update freeradius' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list