From nobody@FreeBSD.org  Wed Dec  9 13:38:16 2009
Message-Id: <200912091338.nB9DcFmn089176@www.freebsd.org>
Date: Wed, 9 Dec 2009 13:38:15 GMT
From: "Danilo G. Baio" <dbaio@bs2.com.br>
To: freebsd-gnats-submit@FreeBSD.org
Subject: FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
X-Send-Pr-Version: www-3.1
X-GNATS-Notify: david@wood2.org.uk

>Number:         141318
>Category:       ports
>Synopsis:       net/freeradius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    delphij
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Dec 09 13:40:00 UTC 2009
>Closed-Date:    Tue Dec 15 00:41:40 UTC 2009
>Last-Modified:  Tue Dec 15 00:50:00 UTC 2009
>Originator:     Danilo G. Baio
>Release:        7.2-8.0
>Organization:
BS2 Internet
>Environment:
>Description:
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="1b3f854b-e4bd-11de-b276-000d8787e1be">
    <topic>freeradius -- A free RADIUS server implementation</topic>
    <affects>
      <package>
        <name>freeradius</name>
        <range><le>1.1.7_4</le></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
        <p>freeRADIUS Vulnerability Notifications reports:</p>
        <blockquote cite="http://freeradius.org/security.html">
          <p>2009.09.09 v1.1.7 - Anyone who can send packets to
            the server can crash it by sending a Tunnel-Password
            attribute in an Access-Request packet. This
            vulnerability is not otherwise exploitable. We have
            released 1.1.8 to correct this vulnerability.</p>
          <p>This issue is similar to the previous Tunnel-Password
            issue noted below. The vulnerable versions are 1.1.3
            through 1.1.7. Version 2.x is not affected.</p>
        </blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2009-3111</cvename>
      <url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3111</url>
      <url>http://freeradius.org/security.html</url>
      <url>http://www.milw0rm.com/exploits/9642</url>
    </references>
    <dates>
      <discovery>2009-09-09</discovery>
      <entry>2009-12-09</entry>
    </dates>
  </vuln>
</vuxml>
>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Wed Dec 9 20:37:16 UTC 2009 
State-Changed-Why:  
Awaiting maintainers feedback (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=141318 

From: Edwin Groothuis <edwin@FreeBSD.org>
To: david@wood2.org.uk
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/141318: net/FreeRadius < 1.1.8 Remote Packet of Death Exploit (CVE-2009-3111)
Date: Wed, 9 Dec 2009 20:37:15 UT

 Maintainer of net/freeradius,
 
 Please note that PR ports/141318 has just been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/141318
 
 -- 
 Edwin Groothuis via the GNATS Auto Assign Tool
 edwin@FreeBSD.org
Responsible-Changed-From-To: freebsd-ports-bugs->wen 
Responsible-Changed-By: wen 
Responsible-Changed-When: Sun Dec 13 04:00:42 UTC 2009 
Responsible-Changed-Why:  
I'll take it. 


From: wen heping <wenheping@gmail.com>
To: bug-followup@FreeBSD.org, dbaio@bs2.com.br
Cc: Wen Heping <wen@freebsd.org>
Subject: Re: ports/141318: net/freeradius < 1.1.8 Remote Packet of Death 
	Exploit (CVE-2009-3111)
Date: Sun, 13 Dec 2009 12:04:53 +0800

 And here is the diff file to update net/freeradius to 1.1.8
 
 wen
 Content-Type: text/plain; charset=US-ASCII; name="freeradius118.diff.txt"
 Content-Disposition: attachment; filename="freeradius118.diff.txt"
State-Changed-From-To: feedback->open 
State-Changed-By: delphij 
State-Changed-When: Tue Dec 15 00:33:02 UTC 2009 
State-Changed-Why:  
Take (with secteam@ hat). 


Responsible-Changed-From-To: wen->delphij 
Responsible-Changed-By: delphij 
Responsible-Changed-When: Tue Dec 15 00:33:02 UTC 2009 
Responsible-Changed-Why:  
Take (with secteam@ hat). 


From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/141318: commit references a PR
Date: Tue, 15 Dec 2009 00:39:28 +0000 (UTC)

 delphij     2009-12-15 00:39:19 UTC
 
   FreeBSD ports repository
 
   Modified files:
     security/vuxml       vuln.xml 
   Log:
   Document freeradius remote packet of death exploit (CVE 2009-3111)
   
   Submitted by:   "Danilo G. Baio" <dbaio bs2 com br>
   PR:             ports/141318
   
   Revision  Changes    Path
   1.2087    +36 -1     ports/security/vuxml/vuln.xml
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: delphij 
State-Changed-When: Tue Dec 15 00:41:23 UTC 2009 
State-Changed-Why:  
Committed with minor changes, thanks! 


From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/141318: commit references a PR
Date: Tue, 15 Dec 2009 00:41:32 +0000 (UTC)

 delphij     2009-12-15 00:41:18 UTC
 
   FreeBSD ports repository
 
   Modified files:
     net/freeradius       Makefile distinfo 
   Log:
   Security update to 1.1.8.
   
   Submitted by:   wen
   PR:             ports/141318
   Security:       1b3f854b-e4bd-11de-b276-000d8787e1be
   Security:       CVE-2009-3111
   With hat:       ports-security
   
   Revision  Changes    Path
   1.71      +1 -2      ports/net/freeradius/Makefile
   1.22      +3 -3      ports/net/freeradius/distinfo
 
>Unformatted:
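
Added example (not part of this PR and not FreeBSD's own tooling): a Python sketch that reads the `<affects>` block of the VuXML entry submitted above and reports whether a given installed package version falls inside its range. `ENTRY`, `version_key` and `affected` are names made up here, and the version ordering is a simplified assumption (PORTEPOCH after `,`, PORTREVISION after `_`, numeric dotted components only), not the full ports comparison algorithm.

```python
import operator
import re
import xml.etree.ElementTree as ET

NS = {"v": "http://www.vuxml.org/apps/vuxml-1"}
OPS = {"lt": operator.lt, "le": operator.le, "eq": operator.eq,
       "ge": operator.ge, "gt": operator.gt}

# <affects> part of the entry from this PR; description and references omitted.
ENTRY = """<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="1b3f854b-e4bd-11de-b276-000d8787e1be">
    <affects><package>
      <name>freeradius</name>
      <range><le>1.1.7_4</le></range>
    </package></affects>
  </vuln>
</vuxml>"""


def version_key(version):
    """Sort key (epoch, dotted numbers, revision); simplified assumption."""
    version, _, epoch = version.partition(",")
    version, _, revision = version.partition("_")
    parts = tuple(int(p) for p in re.findall(r"\d+", version))
    return (int(epoch or 0), parts, int(revision or 0))


def affected(vuxml_text, name, version):
    """Return the vid of every <vuln> whose ranges cover name-version."""
    have = version_key(version)
    hits = []
    for vuln in ET.fromstring(vuxml_text).findall("v:vuln", NS):
        for pkg in vuln.findall("v:affects/v:package", NS):
            if name not in [n.text.strip() for n in pkg.findall("v:name", NS)]:
                continue
            for rng in pkg.findall("v:range", NS):
                # Every bound inside one <range> must hold; ranges are alternatives.
                if all(OPS[b.tag.split("}")[1]](have, version_key(b.text.strip()))
                       for b in rng):
                    hits.append(vuln.get("vid"))
                    break
    return hits


if __name__ == "__main__":
    for installed in ("1.1.2", "1.1.7", "1.1.7_4", "1.1.8"):
        print(installed, affected(ENTRY, "freeradius", installed))
```

The range as submitted is a single upper bound, so it also matches versions below 1.1.3, which the quoted advisory does not list as vulnerable.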
