Debian Package Tracker

general

source: freeradius (main)
version: 3.0.20+dfsg-3
maintainer: Debian FreeRADIUS Packaging Team (archive) (DMD)
uploaders: Sam Hartman [DMD] – Mark Hymers [DMD] – Bernhard Schmidt [DMD]
arch: all any
std-ver: 4.4.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.2.5+dfsg-0.2+deb8u1
o-o-sec: 2.2.5+dfsg-0.2+deb8u1
oldstable: 3.0.12+dfsg-5+deb9u1
old-sec: 3.0.12+dfsg-5+deb9u1
stable: 3.0.17+dfsg-1.1
testing: 3.0.20+dfsg-1
unstable: 3.0.20+dfsg-3

versioned links

2.2.5+dfsg-0.2+deb8u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.12+dfsg-5+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.17+dfsg-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.20+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.20+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

freeradius (5 bugs: 0, 4, 1, 0)
freeradius-common
freeradius-config
freeradius-dhcp
freeradius-iodbc
freeradius-krb5
freeradius-ldap (2 bugs: 0, 2, 0, 0)
freeradius-memcached
freeradius-mysql (2 bugs: 0, 2, 0, 0)
freeradius-postgresql (1 bugs: 0, 1, 0, 0)
freeradius-python3
freeradius-redis
freeradius-rest
freeradius-utils
freeradius-yubikey
libfreeradius-dev
libfreeradius3

action needed

Marked for autoremoval on 22 December: #936558 high

Version 3.0.20+dfsg-1 of freeradius is marked for autoremoval from testing on Sun 22 Dec 2019. It is affected by #936558. You should try to prevent the removal by fixing these RC bugs.

Created: 2019-11-28 Last update: 2019-12-16 09:30

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2019-12-12 Last update: 2019-12-16 09:23

1 bug tagged help in the BTS normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2019-03-21 Last update: 2019-12-16 09:06

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2019-04-01 Last update: 2019-12-16 09:06

RFH: The maintainer is looking for help with this package. normal

The current maintainer is looking for someone who can help with the maintenance of this package. If you are interested in this package, please consider helping out. One way you can help is offer to be a co-maintainer or triage bugs in the BTS. Please see bug number #933376 for more information.

Created: 2019-02-23 Last update: 2019-07-30 01:12

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2015-4680: FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.

Please fix it.

Created: 2015-07-12 Last update: 2019-12-10 12:30

3 ignored security issues in stretch low

There are 3 open security issues in stretch.

3 issues skipped by the security teams:

CVE-2019-13456: In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the "Dragonblood" attack and CVE-2019-9494.
CVE-2019-11235: FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499.
CVE-2019-11234: FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.

Please fix them.

Created: 2019-04-16 Last update: 2019-12-10 12:30

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2019-08-10 Last update: 2019-08-10 23:35

testing migrations

excuses:
- Migration status: Blocked. Can't migrate due to a non-migratable dependency. Check status below.
- Blocked by: libxcrypt
- Migration status for freeradius (3.0.20+dfsg-1 to 3.0.20+dfsg-3): BLOCKED: Cannot migrate due to another item, which is blocked (please check which dependencies are stuck)
- Issues preventing migration:
- Invalidated by dependency
- Depends: freeradius libxcrypt (not considered)
- Additional info:
- Updating freeradius fixes old bugs: #936558
- Piuparts tested OK - https://piuparts.debian.org/sid/source/f/freeradius.html
- Required age reduced by 3 days because of autopkgtest
- 6 days old (needed 2 days)
- Not considered

news

[rss feed]

[2019-12-09] Accepted freeradius 3.0.20+dfsg-3 (source) into unstable (Bernhard Schmidt)
[2019-12-06] Accepted freeradius 3.0.20+dfsg-2 (source all amd64) into experimental, experimental (Bernhard Schmidt)
[2019-12-02] freeradius 3.0.20+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-11-29] Accepted freeradius 3.0.20+dfsg-1 (source) into unstable (Bernhard Schmidt)
[2019-08-24] freeradius 3.0.19+dfsg-3 MIGRATED to testing (Debian testing watch)
[2019-08-24] freeradius 3.0.19+dfsg-3 MIGRATED to testing (Debian testing watch)
[2019-08-21] Accepted freeradius 3.0.19+dfsg-3 (source) into unstable (Bernhard Schmidt)
[2019-08-04] freeradius 3.0.19+dfsg-2 MIGRATED to testing (Debian testing watch)
[2019-08-01] Accepted freeradius 3.0.19+dfsg-2 (source) into unstable (Bernhard Schmidt)
[2019-07-29] Accepted freeradius 3.0.19+dfsg-1 (source) into unstable (Bernhard Schmidt)
[2019-04-25] freeradius 3.0.17+dfsg-1.1 MIGRATED to testing (Debian testing watch)
[2019-04-22] Accepted freeradius 3.0.17+dfsg-1.1 (source) into unstable (Bernhard Schmidt)
[2019-01-09] freeradius 3.0.17+dfsg-1 MIGRATED to testing (Debian testing watch)
[2019-01-07] Accepted freeradius 3.0.17+dfsg-1 (source) into unstable (Michael Stapelberg)
[2018-12-17] freeradius 3.0.16+dfsg-5 MIGRATED to testing (Debian testing watch)
[2018-12-14] Accepted freeradius 3.0.16+dfsg-5 (source) into unstable (Michael Stapelberg)
[2018-10-16] freeradius 3.0.16+dfsg-4.1 MIGRATED to testing (Debian testing watch)
[2018-10-11] Accepted freeradius 3.0.16+dfsg-4.1 (all amd64 source) into unstable, unstable (Dimitri John Ledkov)
[2018-05-19] freeradius 3.0.16+dfsg-3 MIGRATED to testing (Debian testing watch)
[2018-03-20] Accepted freeradius 3.0.16+dfsg-3 (source) into unstable (Michael Stapelberg)
[2018-02-25] Accepted freeradius 3.0.16+dfsg-2 (source) into unstable (Michael Stapelberg)
[2018-01-22] Accepted freeradius 3.0.16+dfsg-1 (source) into unstable (Michael Stapelberg)
[2017-12-29] freeradius REMOVED from testing (Debian testing watch)
[2017-08-25] Accepted freeradius 2.1.12+dfsg-1.2+deb7u2 (source amd64 all) into oldoldstable (Markus Koschany)
[2017-08-20] freeradius 3.0.15+dfsg-2 MIGRATED to testing (Debian testing watch)
[2017-08-15] Accepted freeradius 3.0.15+dfsg-2 (source) into unstable (Michael Stapelberg)
[2017-08-11] Accepted freeradius 2.2.5+dfsg-0.2+deb8u1 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Michael Stapelberg)
[2017-08-11] Accepted freeradius 3.0.12+dfsg-5+deb9u1 (source all amd64) into proposed-updates->stable-new, proposed-updates (Michael Stapelberg)
[2017-07-23] freeradius 3.0.15+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-07-18] Accepted freeradius 3.0.15+dfsg-1 (source) into unstable (Michael Stapelberg)

bugs [bug history graph]

all: 12
RC: 0
I&N: 10
M&W: 2
F&P: 0
patch: 1
help: 1

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.0.20+dfsg-3
5 bugs