-FreeRADIUS 3.0.13 Thur 29 Sep 2016 13:00:00 EDT urgency=medium
+FreeRADIUS 3.0.15 Fri 26 May 2017 13:00:00 EDT urgency=medium
+ Feature improvements
+ Bug fixes
+
+FreeRADIUS 3.0.14 Fri 26 May 2017 13:00:00 EDT urgency=medium
+ Feature improvements
+ * Enforce TLS client certificate expiration on
+ session resumption, and Session-Timeout.
+ See CVE-2017-9148.
+ * Updated dictionary.cisco.vpn3000, dictionary.patton
+ * Added dictionary.dellemc
+ * Lowered the log output for failed PEAP sessions.
+ * ALlow utc in rlm_date. Patch from
+ Peter Lambrechtsen.
+ * The internal OpenSSL session cache has been
+ disabled. Please see mods-available/eap
+ * Update detail reader documentation.
+ Patch from Matthew Newton. Fixes #1973.
+ * Make outgoing RadSec connections non-blocking.
+ * Add SQL backing to Moonshot-*-TargetedId
+ generation. Patch from Stefan Paetow.
+
+ Bug fixes
+ * radtest uses Cleartext-Password for EAP, not
+ User-Password.
+ * Update documentation for mods-enabled/ linking.
+ * Enhanced checks for moonshot salt. Fixes #1933.
+ * Allow session resumption for RadSec connections.
+ Fixes #1936.
+ * Update "huntgroups" file to note that port ranges
+ are not supported.
+ * Fix OpenSSL permissions issues on default key files.
+ Fixes #1941.
+ * Certificates are not required when PSK is used.
+ * Allow SubjectAltName as first extension in cert.
+ Fixes #1946.
+ * Fixed talloc issue with TLS session resumption.
+ Fixes #1980.
+ * "&Attr-26 := 0x01" now produces useful error messages.
+ * Handle connection error in rlm_ldap_cacheable_groupobj.
+ Fixes #1951.
+ * Fix endian issues in DHCP.
+ * Multiple minor fixes for Coverity complaints.
+ * Handle unexpected regex. Fixes #1959.
+ * Fix minor issues in dictionaries.
+ * Fix typos and grammar. Patches from Alan Buxey.
+ * Fix erroneous VP creation in rlm_preproces.
+ * Fix MIB. Patch from Jeff Gehlbach.
+ * Trust router updates from Alejandro Perez.
+ * Allow build with LibreSSL. Fixes #1989
+ * Use correct packet for channel bindings. Fixes #1990.
+ * Many fixes found by PVS-Studio. Thanks to PVS-Studio
+ for giving us a test license. Please see the git commit
+ history for more information.
+ * Fix incorrect length check in EAP-PWD. This may
+ be exploitable.
+
+FreeRADIUS 3.0.13 Mon 06 Mar 2017 13:00:00 EDT urgency=medium
Feature improvements
* Add dictionary.rfc7930. Note that we do not implement
the RFC.
* OpenSSL 1.1.0 compatibility fixes.
* rlm_perl: radiusd::xlat to evaluate xlat string
within perl script
+ * Allow authentication retry in winbind. Patch from
+ Herwin Weststrate. See raddb/mods-available/mschap.
+ * Added "recv-coa" method to rlm_rest. It behaves the
+ same as "authorize".
+ * Document Trust Router tr_port option. Patch from
+ Stefan Paetow.
+ * Update elasticsearch/logstash examples so that they work
+ with elastic stack v5. Patch from Matthew Newton.
+ * Print information about packets, replies, and contents
+ in the detail file reader.
+ * Update abfab-tr policy. Pull request #1893
+ from Stefan Paetow.
+ * Reject packets which contain User-Password and
+ EAP-Message.
+ * Add example for filtering Access-Challenge.
+ See sites-enabled/default.
+ * Pull symlink fixes from v4.0.x. Fixes #1859.
+ * Add systemd reload. Not everything is reloaded, but
+ some is. Fixes #1662.
+ * Better documentation for listen "ipaddr". Fixes #1921
+ * Add dictionary.cnergee, updated dictionary.nomadix.
+ * radclient no longer needs -x to print statistics with -s.
Bug fixes
* Minor typos. Fixes #1763
* Many miscellaneous fixes and typos.
* Allow long strings in %{%{foo} bar:-%{baz} blah".
Fixes #1866
+ * Fix filtering operators, along with more documentation and
+ more tests for them.
+ * Fix OpenSSL fixes. Fixes #1876.
+ * Finish SQL select queries even when SELECT returns no rows.
+ Fixes #1879.
+ * Set Module-Failure-Message for more EAP errors.
+ * Correct typo in dictionary.rfc5580. Fixes #1882
+ * Remove obselete systemd syslog.target.
+ * Client-Port-Balance load-balancing now uses client port.
+ * Radrelay examples fixed from Alex Clouter.
+ * Update systemd target. Pull request #1896.
+ * Trim starting whitespace in xlat strings.
+ * Get MySQL result lengths using normal API.
+ * suid down after fchown(). Fixes #1914.
+ * Fix cases of comparing pointer to NUL character. Fixes #1915.
+ * OpenSSL v1.1 fixes. Pull request #1921.
+ * Better Handle v4/v6 host names. Pull request #1919.
+ * Remove "Auth-Type = System" from docs and examples.
+ * Don't crash on malformed %{home_server}. Fixes #1922
+ * fix erroneous use of talloc destructor in rlm_eap
+ * Issue trigger modules.sql.fail. Fixes #1923
+ * Document python_path gotcha's. Fixes #1845
+ * dlopen() the specific version of Python. Fixes #1592
FreeRADIUS 3.0.12 Thur 29 Sep 2016 13:00:00 EDT urgency=medium
Feature improvements