Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
freeradius-server-3.0.23-1.5 on GA media
Notes
Title of the patch
freeradius-server-3.0.23-1.5 on GA media
Description of the patch
These are all security issues fixed in the freeradius-server-3.0.23-1.5 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10767
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "freeradius-server-3.0.23-1.5 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the freeradius-server-3.0.23-1.5 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10767", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10767-1.json", }, { category: "self", summary: "SUSE CVE CVE-2008-4474 page", url: "https://www.suse.com/security/cve/CVE-2008-4474/", }, { category: "self", summary: "SUSE CVE CVE-2015-4680 page", url: "https://www.suse.com/security/cve/CVE-2015-4680/", }, { category: "self", summary: "SUSE CVE CVE-2015-8763 page", url: "https://www.suse.com/security/cve/CVE-2015-8763/", }, { category: "self", summary: "SUSE CVE CVE-2017-10978 page", url: "https://www.suse.com/security/cve/CVE-2017-10978/", }, { category: "self", summary: "SUSE CVE CVE-2017-10983 page", url: "https://www.suse.com/security/cve/CVE-2017-10983/", }, { category: "self", summary: "SUSE CVE CVE-2017-10984 page", url: "https://www.suse.com/security/cve/CVE-2017-10984/", }, { category: "self", summary: "SUSE CVE CVE-2017-10985 page", url: "https://www.suse.com/security/cve/CVE-2017-10985/", }, { category: "self", summary: "SUSE CVE CVE-2017-10986 page", url: "https://www.suse.com/security/cve/CVE-2017-10986/", }, { category: "self", summary: "SUSE CVE CVE-2017-10987 page", url: "https://www.suse.com/security/cve/CVE-2017-10987/", }, { category: "self", summary: "SUSE CVE CVE-2017-10988 page", url: "https://www.suse.com/security/cve/CVE-2017-10988/", }, { category: "self", summary: "SUSE CVE CVE-2017-9148 page", url: "https://www.suse.com/security/cve/CVE-2017-9148/", }, { category: "self", summary: "SUSE CVE CVE-2019-11234 page", url: "https://www.suse.com/security/cve/CVE-2019-11234/", }, { category: "self", summary: "SUSE CVE CVE-2019-13456 page", url: "https://www.suse.com/security/cve/CVE-2019-13456/", }, { category: "self", summary: "SUSE CVE CVE-2019-17185 page", url: "https://www.suse.com/security/cve/CVE-2019-17185/", }, ], title: "freeradius-server-3.0.23-1.5 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10767-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "freeradius-server-3.0.23-1.5.aarch64", product: { name: "freeradius-server-3.0.23-1.5.aarch64", product_id: "freeradius-server-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-devel-3.0.23-1.5.aarch64", product: { name: "freeradius-server-devel-3.0.23-1.5.aarch64", product_id: "freeradius-server-devel-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-doc-3.0.23-1.5.aarch64", product: { name: "freeradius-server-doc-3.0.23-1.5.aarch64", product_id: "freeradius-server-doc-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-krb5-3.0.23-1.5.aarch64", product: { name: "freeradius-server-krb5-3.0.23-1.5.aarch64", product_id: "freeradius-server-krb5-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-ldap-3.0.23-1.5.aarch64", product: { name: "freeradius-server-ldap-3.0.23-1.5.aarch64", product_id: "freeradius-server-ldap-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", product: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", product_id: "freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-libs-3.0.23-1.5.aarch64", product: { name: "freeradius-server-libs-3.0.23-1.5.aarch64", product_id: "freeradius-server-libs-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-mysql-3.0.23-1.5.aarch64", product: { name: "freeradius-server-mysql-3.0.23-1.5.aarch64", product_id: "freeradius-server-mysql-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-perl-3.0.23-1.5.aarch64", product: { name: "freeradius-server-perl-3.0.23-1.5.aarch64", product_id: "freeradius-server-perl-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-postgresql-3.0.23-1.5.aarch64", product: { name: "freeradius-server-postgresql-3.0.23-1.5.aarch64", product_id: "freeradius-server-postgresql-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-python3-3.0.23-1.5.aarch64", product: { name: "freeradius-server-python3-3.0.23-1.5.aarch64", product_id: "freeradius-server-python3-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-sqlite-3.0.23-1.5.aarch64", product: { name: "freeradius-server-sqlite-3.0.23-1.5.aarch64", product_id: "freeradius-server-sqlite-3.0.23-1.5.aarch64", }, }, { category: "product_version", name: "freeradius-server-utils-3.0.23-1.5.aarch64", product: { name: "freeradius-server-utils-3.0.23-1.5.aarch64", product_id: "freeradius-server-utils-3.0.23-1.5.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "freeradius-server-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-3.0.23-1.5.ppc64le", product_id: "freeradius-server-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-devel-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-devel-3.0.23-1.5.ppc64le", product_id: "freeradius-server-devel-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-doc-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-doc-3.0.23-1.5.ppc64le", product_id: "freeradius-server-doc-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-krb5-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-krb5-3.0.23-1.5.ppc64le", product_id: "freeradius-server-krb5-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-ldap-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-ldap-3.0.23-1.5.ppc64le", product_id: "freeradius-server-ldap-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", product_id: "freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-libs-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-libs-3.0.23-1.5.ppc64le", product_id: "freeradius-server-libs-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-mysql-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-mysql-3.0.23-1.5.ppc64le", product_id: "freeradius-server-mysql-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-perl-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-perl-3.0.23-1.5.ppc64le", product_id: "freeradius-server-perl-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-postgresql-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-postgresql-3.0.23-1.5.ppc64le", product_id: "freeradius-server-postgresql-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-python3-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-python3-3.0.23-1.5.ppc64le", product_id: "freeradius-server-python3-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-sqlite-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-sqlite-3.0.23-1.5.ppc64le", product_id: "freeradius-server-sqlite-3.0.23-1.5.ppc64le", }, }, { category: "product_version", name: "freeradius-server-utils-3.0.23-1.5.ppc64le", product: { name: "freeradius-server-utils-3.0.23-1.5.ppc64le", product_id: "freeradius-server-utils-3.0.23-1.5.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "freeradius-server-3.0.23-1.5.s390x", product: { name: "freeradius-server-3.0.23-1.5.s390x", product_id: "freeradius-server-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-devel-3.0.23-1.5.s390x", product: { name: "freeradius-server-devel-3.0.23-1.5.s390x", product_id: "freeradius-server-devel-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-doc-3.0.23-1.5.s390x", product: { name: "freeradius-server-doc-3.0.23-1.5.s390x", product_id: "freeradius-server-doc-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-krb5-3.0.23-1.5.s390x", product: { name: "freeradius-server-krb5-3.0.23-1.5.s390x", product_id: "freeradius-server-krb5-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-ldap-3.0.23-1.5.s390x", product: { name: "freeradius-server-ldap-3.0.23-1.5.s390x", product_id: "freeradius-server-ldap-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-ldap-schemas-3.0.23-1.5.s390x", product: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.s390x", product_id: "freeradius-server-ldap-schemas-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-libs-3.0.23-1.5.s390x", product: { name: "freeradius-server-libs-3.0.23-1.5.s390x", product_id: "freeradius-server-libs-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-mysql-3.0.23-1.5.s390x", product: { name: "freeradius-server-mysql-3.0.23-1.5.s390x", product_id: "freeradius-server-mysql-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-perl-3.0.23-1.5.s390x", product: { name: "freeradius-server-perl-3.0.23-1.5.s390x", product_id: "freeradius-server-perl-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-postgresql-3.0.23-1.5.s390x", product: { name: "freeradius-server-postgresql-3.0.23-1.5.s390x", product_id: "freeradius-server-postgresql-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-python3-3.0.23-1.5.s390x", product: { name: "freeradius-server-python3-3.0.23-1.5.s390x", product_id: "freeradius-server-python3-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-sqlite-3.0.23-1.5.s390x", product: { name: "freeradius-server-sqlite-3.0.23-1.5.s390x", product_id: "freeradius-server-sqlite-3.0.23-1.5.s390x", }, }, { category: "product_version", name: "freeradius-server-utils-3.0.23-1.5.s390x", product: { name: "freeradius-server-utils-3.0.23-1.5.s390x", product_id: "freeradius-server-utils-3.0.23-1.5.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "freeradius-server-3.0.23-1.5.x86_64", product: { name: "freeradius-server-3.0.23-1.5.x86_64", product_id: "freeradius-server-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-devel-3.0.23-1.5.x86_64", product: { name: "freeradius-server-devel-3.0.23-1.5.x86_64", product_id: "freeradius-server-devel-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-doc-3.0.23-1.5.x86_64", product: { name: "freeradius-server-doc-3.0.23-1.5.x86_64", product_id: "freeradius-server-doc-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-krb5-3.0.23-1.5.x86_64", product: { name: "freeradius-server-krb5-3.0.23-1.5.x86_64", product_id: "freeradius-server-krb5-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-ldap-3.0.23-1.5.x86_64", product: { name: "freeradius-server-ldap-3.0.23-1.5.x86_64", product_id: "freeradius-server-ldap-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", product: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", product_id: "freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-libs-3.0.23-1.5.x86_64", product: { name: "freeradius-server-libs-3.0.23-1.5.x86_64", product_id: "freeradius-server-libs-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-mysql-3.0.23-1.5.x86_64", product: { name: "freeradius-server-mysql-3.0.23-1.5.x86_64", product_id: "freeradius-server-mysql-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-perl-3.0.23-1.5.x86_64", product: { name: "freeradius-server-perl-3.0.23-1.5.x86_64", product_id: "freeradius-server-perl-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-postgresql-3.0.23-1.5.x86_64", product: { name: "freeradius-server-postgresql-3.0.23-1.5.x86_64", product_id: "freeradius-server-postgresql-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-python3-3.0.23-1.5.x86_64", product: { name: "freeradius-server-python3-3.0.23-1.5.x86_64", product_id: "freeradius-server-python3-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-sqlite-3.0.23-1.5.x86_64", product: { name: "freeradius-server-sqlite-3.0.23-1.5.x86_64", product_id: "freeradius-server-sqlite-3.0.23-1.5.x86_64", }, }, { category: "product_version", name: "freeradius-server-utils-3.0.23-1.5.x86_64", product: { name: "freeradius-server-utils-3.0.23-1.5.x86_64", product_id: "freeradius-server-utils-3.0.23-1.5.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "freeradius-server-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-devel-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-devel-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-devel-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-devel-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-devel-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-devel-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-devel-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-devel-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-doc-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-doc-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-doc-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-doc-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-doc-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-doc-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-doc-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-doc-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-krb5-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-krb5-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-krb5-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-krb5-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-krb5-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-krb5-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-krb5-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-krb5-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-ldap-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-ldap-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-ldap-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-ldap-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-ldap-schemas-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-ldap-schemas-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-libs-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-libs-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-libs-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-libs-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-libs-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-libs-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-libs-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-libs-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-mysql-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-mysql-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-mysql-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-mysql-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-mysql-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-mysql-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-mysql-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-mysql-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-perl-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-perl-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-perl-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-perl-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-perl-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-perl-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-perl-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-perl-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-postgresql-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-postgresql-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-postgresql-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-postgresql-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-postgresql-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-postgresql-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-postgresql-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-postgresql-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-python3-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-python3-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-python3-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-python3-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-python3-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-python3-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-python3-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-python3-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-sqlite-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-sqlite-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-sqlite-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-sqlite-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-sqlite-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-sqlite-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-sqlite-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-sqlite-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-utils-3.0.23-1.5.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", }, product_reference: "freeradius-server-utils-3.0.23-1.5.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-utils-3.0.23-1.5.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", }, product_reference: "freeradius-server-utils-3.0.23-1.5.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-utils-3.0.23-1.5.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", }, product_reference: "freeradius-server-utils-3.0.23-1.5.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "freeradius-server-utils-3.0.23-1.5.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", }, product_reference: "freeradius-server-utils-3.0.23-1.5.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2008-4474", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2008-4474", }, ], notes: [ { category: "general", text: "freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files in (1) backup_radacct, (2) clean_radacct, (3) monthly_tot_stats, (4) tot_stats, and (5) truncate_radacct.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2008-4474", url: "https://www.suse.com/security/cve/CVE-2008-4474", }, { category: "external", summary: "SUSE Bug 433762 for CVE-2008-4474", url: "https://bugzilla.suse.com/433762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2008-4474", }, { cve: "CVE-2015-4680", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-4680", }, ], notes: [ { category: "general", text: "FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-4680", url: "https://www.suse.com/security/cve/CVE-2015-4680", }, { category: "external", summary: "SUSE Bug 935573 for CVE-2015-4680", url: "https://bugzilla.suse.com/935573", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2015-4680", }, { cve: "CVE-2015-8763", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8763", }, ], notes: [ { category: "general", text: "The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8763", url: "https://www.suse.com/security/cve/CVE-2015-8763", }, { category: "external", summary: "SUSE Bug 961479 for CVE-2015-8763", url: "https://bugzilla.suse.com/961479", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2015-8763", }, { cve: "CVE-2017-10978", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10978", }, ], notes: [ { category: "general", text: "An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"Read / write overflow in make_secret()\" and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10978", url: "https://www.suse.com/security/cve/CVE-2017-10978", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10978", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10978", }, { cve: "CVE-2017-10983", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10983", }, ], notes: [ { category: "general", text: "An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows \"DHCP - Read overflow when decoding option 63\" and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10983", url: "https://www.suse.com/security/cve/CVE-2017-10983", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10983", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10983", }, { cve: "CVE-2017-10984", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10984", }, ], notes: [ { category: "general", text: "An FR-GV-301 issue in FreeRADIUS 3.x before 3.0.15 allows \"Write overflow in data2vp_wimax()\" - this allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10984", url: "https://www.suse.com/security/cve/CVE-2017-10984", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10984", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10984", }, { cve: "CVE-2017-10985", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10985", }, ], notes: [ { category: "general", text: "An FR-GV-302 issue in FreeRADIUS 3.x before 3.0.15 allows \"Infinite loop and memory exhaustion with 'concat' attributes\" and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10985", url: "https://www.suse.com/security/cve/CVE-2017-10985", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10985", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10985", }, { cve: "CVE-2017-10986", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10986", }, ], notes: [ { category: "general", text: "An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Infinite read in dhcp_attr2vp()\" and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10986", url: "https://www.suse.com/security/cve/CVE-2017-10986", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10986", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10986", }, { cve: "CVE-2017-10987", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10987", }, ], notes: [ { category: "general", text: "An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows \"DHCP - Buffer over-read in fr_dhcp_decode_suboptions()\" and a denial of service.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10987", url: "https://www.suse.com/security/cve/CVE-2017-10987", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10987", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10987", }, { cve: "CVE-2017-10988", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-10988", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-10988", url: "https://www.suse.com/security/cve/CVE-2017-10988", }, { category: "external", summary: "SUSE Bug 1049086 for CVE-2017-10988", url: "https://bugzilla.suse.com/1049086", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-10988", }, { cve: "CVE-2017-9148", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-9148", }, ], notes: [ { category: "general", text: "The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-9148", url: "https://www.suse.com/security/cve/CVE-2017-9148", }, { category: "external", summary: "SUSE Bug 1041445 for CVE-2017-9148", url: "https://bugzilla.suse.com/1041445", }, { category: "external", summary: "SUSE Bug 1046141 for CVE-2017-9148", url: "https://bugzilla.suse.com/1046141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2017-9148", }, { cve: "CVE-2019-11234", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-11234", }, ], notes: [ { category: "general", text: "FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a \"Dragonblood\" issue, a similar issue to CVE-2019-9497.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-11234", url: "https://www.suse.com/security/cve/CVE-2019-11234", }, { category: "external", summary: "SUSE Bug 1132664 for CVE-2019-11234", url: "https://bugzilla.suse.com/1132664", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-11234", }, { cve: "CVE-2019-13456", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13456", }, ], notes: [ { category: "general", text: "In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the \"Dragonblood\" attack and CVE-2019-9494.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13456", url: "https://www.suse.com/security/cve/CVE-2019-13456", }, { category: "external", summary: "SUSE Bug 1144524 for CVE-2019-13456", url: "https://bugzilla.suse.com/1144524", }, { category: "external", summary: "SUSE Bug 1166858 for CVE-2019-13456", url: "https://bugzilla.suse.com/1166858", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-13456", }, { cve: "CVE-2019-17185", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-17185", }, ], notes: [ { category: "general", text: "In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a Denial-of-Service (DoS) attack.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-17185", url: "https://www.suse.com/security/cve/CVE-2019-17185", }, { category: "external", summary: "SUSE Bug 1166847 for CVE-2019-17185", url: "https://bugzilla.suse.com/1166847", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-devel-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-doc-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-krb5-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-ldap-schemas-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-libs-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-mysql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-perl-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-postgresql-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-python3-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-sqlite-3.0.23-1.5.x86_64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.aarch64", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.ppc64le", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.s390x", "openSUSE Tumbleweed:freeradius-server-utils-3.0.23-1.5.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2019-17185", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.