+2012-10-25 1.6.2
+ Bug fixes (security):
+ - Fix the issue with verification of clients when using multiple
+ 'tls' config blocks (RADSECPROXY-43) for DTLS too. Fixes
+ CVE-2012-4566 (CVE id corrected 2012-11-01, after the release of
+ 1.6.2). Reported by Raphael Geissert.
+
2012-09-14 1.6.1
Bug fixes (security):
- When verifying clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
- certificate chain. Reported by Ralf Paffrath. (RADSECPROXY-43)
+ certificate chain. Reported by Ralf Paffrath. (RADSECPROXY-43,
+ CVE-2012-4523).
Bug fixes:
- Make naptr-eduroam.sh check NAPTR type case insensitively.