Apple Security Advisory 2017-10-31-12 - Additional information for the APPLE-SA-2017-09-25-9 macOS Server 5.4 advisory has been provided that relates to FreeRADIUS and Postfix.
ab7f1016be63a4d64acf9e8afda8cb266e256bd54b6c0f883eb1a5a8a72517ed
Apple Security Advisory 2017-09-25-9 - macOS Server 5.4 is now available and addresses multiple vulnerabilities in FreeRADIUS.
55e8bc0b8dac96f5d4ea0c8772595685f930c0aabdaf38ed83e4aefe2c18f431
Red Hat Security Advisory 2017-2389-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet.
b13587cc0c566f3c27fa6579b08097257b0081860b09191feb3c980a18036c6e
Ubuntu Security Notice 3369-1 - Guido Vranken discovered that FreeRADIUS incorrectly handled memory when decoding packets. A remote attacker could use this issue to cause FreeRADIUS to crash or hang, resulting in a denial of service, or possibly execute arbitrary code.
2d7269bf484f6ead1a2687767dc01354af1b32f08cd2d4f72d0baaf9e1c1f6c3
Red Hat Security Advisory 2017-1759-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet.
c15bef609eb1ab913d68d88b4c2dc9457c9749eb8feb7d799a533157a6978ec0