lp:ubuntu/dapper-updates/freeradius

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

11. By William Grant on 2007-11-20

* SECURITY UPDATE: possible EAP-MSCHAPv2 authentication bypass (LP:
  #164000) and denial of service in EAP-TTLS module (LP: #106006).
* debian/patches/20_CVE-2006-1354.dpatch: Properly validate input, to ensure
  that bad authentication requests are rejected. Patch from upstream CVS.
* debian/patches/21_CVE-2007-2028.dpatch: Properly free VALUE_PAIR
  structures on rejected authentication, to avoid memory leaks. Patch from
  Red Hat Bugzilla.
* References
  CVE-2006-1354
  CVE-2007-2028

10. By Jérémie Corbier on 2006-05-08

Init script makes sure /var/run/freeradius exists and is owned by the
the right user (Closes: Malone #39205).

9. By Adam Conrad on 2006-05-01

* Correct version number to reflect that we have an Ubuntu diff.
* Correct shebang line in 14-freeradius-dictonary-fix.patch to note
  that it's a dpatch script, not a POSIX shell script, fixing FTBFS.

8. By Chuck Short on 2006-04-24

debian/patches/14-freeradius-dictonary-fix.patch.
Added patch to fix dupes and errors in the dictonary files.
(Closes: Malone #36657)

7. By Adam Conrad on 2006-04-06

Rebuild against the new libmysqlclient15off with correct symbols.

6. By Paul Hampson <email address hidden> on 2006-01-15

* ReDebianise upstream tarball:
  - Deleted RFCs: 2243 2289 2433 2548 2618 2619 2620 2621 2716 2759 2809 2865
                  2866 2867 2868 2869 2882 2924 3162 3575 3576 3579 3580
                  draft-kamath-pppext-eap-mschapv2-00

* New FreeRADIUS modules marked stable by new upstream release
  - rlm_perl
  - rlm_sqlcounter
  - rlm_sql_log + radsqlrelay
  - rlm_otp (formerly rlm_x99_token, not built as it depends on OpenSSL)

* Remove upstream-integrated patches:
  - 02_EAP-SIM_doesnt_need_openssl
  - 03_X99_is_not_stable
  - 07_manpage_fixups
  - 09_use_crypth_if_we_have_it
  - 10_escape_entire_ldap_string
  - 11_dont_xlat_possibly_bad_usernames_in_bad_accounting_packets
  - 12_dialup_admin_various_fixes

* More dialup-admin fixes from Arve Seljebu
  - Fix redirects in dialup-admin pages on servers with
    register_globals turned off.
    Closes: #333704
  - HTTP form fields will always fail is_int, use in_numeric instead
    Closes: #335149
  - Created 12_more_dialup_admin_various_fixes

* Update to Policy 3.6.2.0
* Upgrade Debhelper support to V5
* Don't install the .in files with the examples
* Prefer libmysqlclient15-dev
  Closes: #343779
* Shared secrets can only be 31 characters long, note this in clients.conf
  - Created 02_document_actual_shared_secret_maximum_length
  Closes: 344606
* Added support for lsb-init functions

5. By Paul Hampson <email address hidden> on 2005-10-16

* Stop dragging non-PIC code from libeap.a into rlm_eap_sim.so and
  rlm_eap.so.
  (Thanks to Peter Salinger)
  Closes: #288547
  - Rename 06_libtool14_vs_rlm_eap_tls to 06_libtool14_vs_rlm_eap
    and modify with Peter's changes and some Makefile hackery to
    get it all linking
* Don't rerun configure during the build.
  (Thanks to Kurt Roeckx)
* A whole bunch of dialup-admin fixes from Arve Seljebu and Tobias
  - Report correct data transfer statistics for users
    Closes: #329672
  - Lower-case sql column names to match creation scripts
    Closes: #333709
  - Fix creation of empty groups
    Closes: #333739
  - Put quote around usernames in HTML output
    Closes: #333742
  - Properly notice when we've got a blank password to SQL
    Closes: #333744
  - Created 12_dialup_admin_various_fixes
* Stop using libtool1.4 to build against, now that we can't have it and
  libltdl3-dev installed at the same time
  Closes: #279391
  - Created 13_a_libtool14_to_call_your_own to get most recent ltmain.sh

4. By Paul Hampson <email address hidden> on 2005-06-27

* Fix my email address in the dpatches
* Remove extraneous ^g from man/man5/clients.conf.5
  - Created 04_bonus_control_code_in_clients_conf_5
* Correct handing of parameterless call of init script, and
  general init script neatening
  (Thanks to Derrick Karpo)
  Closes: #315438
* Correctly leave out the .in files in the examples
* Correctly use debhelper after splitting binary make target
  into binary-arch and binary-indep.
  (Thanks to Kurt Roeckx for actually hitting the bug)
  Closes: #315770
* Steal fix from CVS release_1_0 tree for rlm_sql quoted values.
  (Thanks to Nicolas Baradakis for the fix)
  - Upstream bugzilla #242, src/modules/rlm_sql/sql.c 1.79.2.2
  - Created 05_unbreak_quoted_sql_values

3. By Paul Hampson <email address hidden> on 2004-12-29

* freeradius-dialupadmin Suggests php4-mysql | php4-pgsql
   Closes: #279419
* Added a two-second pause to restart in init.d script
   Closes: #262635
* FreeRADIUS module packages now depend on the same source
  version of the main FreeRADIUS package.
   Closes: #284353
* FreeRADIUS-dialupadmin's default paths in admin.conf are
  now correct.
   Closes: #280942
* FreeRADIUS-dialupadmin's help.php3 can now find README.
   Closes: #280941
* Fixes stolen from 1.0.2 CVS:
  - Bug fix to make udpfromto code work
  - radrelay shouldn't dump core if it can't read a VP from the
    detail file.
  - Only initialize the random pool once.
  - In rlm_sql, don't escape characters twice.
  - In rlm_ldap, only claim Auth-Type if a plain text password is present.
  - Locking fixes in threading code
  - Fix building on gcc-4.0 by not trying to access static auth_port from
    other files.

2. By Paul Hampson <email address hidden> on 2004-02-24

* New upstream release, incorporates security fix from 0.9.2-4.
* Correct build-dependancy on debhelper.
   Closes: #234486
* Split iodbc SQL driver into its own package.