-FreeRADIUS 3.0.13 Thur 29 Sep 2016 13:00:00 EDT urgency=medium
+FreeRADIUS 3.0.15 Fri 26 May 2017 13:00:00 EDT urgency=medium
+ Feature improvements
+ Bug fixes
+
+FreeRADIUS 3.0.14 Fri 26 May 2017 13:00:00 EDT urgency=medium
+ Feature improvements
+ * Enforce TLS client certificate expiration on
+ session resumption, and Session-Timeout.
+ See CVE-2017-9148.
+ * Updated dictionary.cisco.vpn3000, dictionary.patton
+ * Added dictionary.dellemc
+ * Lowered the log output for failed PEAP sessions.
+ * ALlow utc in rlm_date. Patch from
+ Peter Lambrechtsen.
+ * The internal OpenSSL session cache has been
+ disabled. Please see mods-available/eap
+ * Update detail reader documentation.
+ Patch from Matthew Newton. Fixes #1973.
+ * Make outgoing RadSec connections non-blocking.
+ * Add SQL backing to Moonshot-*-TargetedId
+ generation. Patch from Stefan Paetow.
+
+ Bug fixes
+ * radtest uses Cleartext-Password for EAP, not
+ User-Password.
+ * Update documentation for mods-enabled/ linking.
+ * Enhanced checks for moonshot salt. Fixes #1933.
+ * Allow session resumption for RadSec connections.
+ Fixes #1936.
+ * Update "huntgroups" file to note that port ranges
+ are not supported.
+ * Fix OpenSSL permissions issues on default key files.
+ Fixes #1941.
+ * Certificates are not required when PSK is used.
+ * Allow SubjectAltName as first extension in cert.
+ Fixes #1946.
+ * Fixed talloc issue with TLS session resumption.
+ Fixes #1980.
+ * "&Attr-26 := 0x01" now produces useful error messages.
+ * Handle connection error in rlm_ldap_cacheable_groupobj.
+ Fixes #1951.
+ * Fix endian issues in DHCP.
+ * Multiple minor fixes for Coverity complaints.
+ * Handle unexpected regex. Fixes #1959.
+ * Fix minor issues in dictionaries.
+ * Fix typos and grammar. Patches from Alan Buxey.
+ * Fix erroneous VP creation in rlm_preproces.
+ * Fix MIB. Patch from Jeff Gehlbach.
+ * Trust router updates from Alejandro Perez.
+ * Allow build with LibreSSL. Fixes #1989
+ * Use correct packet for channel bindings. Fixes #1990.
+ * Many fixes found by PVS-Studio. Thanks to PVS-Studio
+ for giving us a test license. Please see the git commit
+ history for more information.
+ * Fix incorrect length check in EAP-PWD. This may
+ be exploitable.
+
+FreeRADIUS 3.0.13 Mon 06 Mar 2017 13:00:00 EDT urgency=medium
Feature improvements
* Add dictionary.rfc7930. Note that we do not implement
the RFC.
in the detail file reader.
* Update abfab-tr policy. Pull request #1893
from Stefan Paetow.
+ * Reject packets which contain User-Password and
+ EAP-Message.
+ * Add example for filtering Access-Challenge.
+ See sites-enabled/default.
+ * Pull symlink fixes from v4.0.x. Fixes #1859.
+ * Add systemd reload. Not everything is reloaded, but
+ some is. Fixes #1662.
+ * Better documentation for listen "ipaddr". Fixes #1921
+ * Add dictionary.cnergee, updated dictionary.nomadix.
+ * radclient no longer needs -x to print statistics with -s.
Bug fixes
* Minor typos. Fixes #1763
Fixes #1879.
* Set Module-Failure-Message for more EAP errors.
* Correct typo in dictionary.rfc5580. Fixes #1882
+ * Remove obselete systemd syslog.target.
+ * Client-Port-Balance load-balancing now uses client port.
+ * Radrelay examples fixed from Alex Clouter.
* Update systemd target. Pull request #1896.
* Trim starting whitespace in xlat strings.
* Get MySQL result lengths using normal API.
+ * suid down after fchown(). Fixes #1914.
+ * Fix cases of comparing pointer to NUL character. Fixes #1915.
+ * OpenSSL v1.1 fixes. Pull request #1921.
+ * Better Handle v4/v6 host names. Pull request #1919.
+ * Remove "Auth-Type = System" from docs and examples.
+ * Don't crash on malformed %{home_server}. Fixes #1922
+ * fix erroneous use of talloc destructor in rlm_eap
+ * Issue trigger modules.sql.fail. Fixes #1923
+ * Document python_path gotcha's. Fixes #1845
+ * dlopen() the specific version of Python. Fixes #1592
FreeRADIUS 3.0.12 Thur 29 Sep 2016 13:00:00 EDT urgency=medium
Feature improvements