Dear Debian LTS users, Bernhard (FreeRADIUS debian maintainer), Bastien and myself (with the kind help from Alan DeKok - upstream maintainer) have been preparing freeradius updates that mitigate the Blast-RADIUS issue for both bookworm and bullseye.
To mitigate the vulnerability, RADIUS servers and clients need to handle a Message-Authenticator attribute in access requests and responses, as it is the case with the freeradius updates. However, it has been reported that third-party equipment could have some issues with the behaviour required to mitigate the vulnerability. We would like to inform FreeRADIUS users that would upgrade their debian packages about the known incompatibilities, via debian/NEWS. For that, it would be great to have more feedback from users that are able to test the preview packages in their infrastructure. If you are able to test the preview packages, they are available from the apt repositories as described at: * bookworm: https://debian.pages.debian.net/-/freeradius/-/jobs/6100052/artifacts/aptly/index.html * bullseye: https://debian.pages.debian.net/-/freeradius/-/jobs/6156294/artifacts/aptly/index.html More information and details about a couple of known issues can be found at https://bugs.debian.org/1076022. Please, report to the same bug report about any new issue you may find. The release plan is to make the bookworm package available via the next point update release, and publish the bullseye's package afterwards. Thank you! -- Santiago
signature.asc
Description: PGP signature
