Alec Berryman
2006-May-15 14:54 UTC
[Secure-testing-team] Bug#359042: freeradius: dpatch for CVE-2006-1354: "EAP-MSCHAPv2 vulnerability"
Package: freeradius Followup-For: Bug #359042 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Attached dpatch is reformatted from revision 1.11 of src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c. The fix applies and compiles, but I have not done further testing. However, this is the same fix Red Hat applied to their freeradius package; see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=186083. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEaI3hAud/2YgchcQRAov1AJ48R7V5U8tQJkEk609/KcxH6a0FjACfaVQs 7gDpqgCN+LN7kyFAp8D0t2s=Gq/J -----END PGP SIGNATURE----- -------------- next part -------------- A non-text attachment was scrubbed... Name: CVE-2006-1354.dpatch Type: application/x-shellscript Size: 905 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20060515/0eeef32a/CVE-2006-1354.bin