Replace radsecret script to avoid new perl dependencies from universe
Bug #2073269 reported by
Christian Ehrhardt
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
freeradius (Ubuntu) |
Fix Released
|
Undecided
|
Andreas Hasenack | ||
libconvert-base32-perl (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned | ||
libcrypt-urandom-perl (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
https:/
shows freeradius depending on libconvert-
Evaluate the new freeradius please if we want to file MIRs for them OR if we want to modify the dependencies.
Related branches
~ahasenack/ubuntu/+source/freeradius:oracular-freeradius-replace-radsecret
Merged
into
ubuntu/+source/freeradius:ubuntu/devel
at
revision 4b70aa177d67f3a828ff0a4945f1bf0ca4cd43e1
- git-ubuntu bot: Approve
- Mitchell Dzurick (community): Approve
- Canonical Server Core Reviewers: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 82 lines (+39/-3)4 files modifieddebian/changelog (+11/-0)
debian/control (+2/-3)
debian/patches/replace-radsecret.patch (+25/-0)
debian/patches/series (+1/-0)
CVE References
Changed in freeradius (Ubuntu): | |
status: | New → Incomplete |
Changed in libcrypt-urandom-perl (Ubuntu): | |
status: | New → Incomplete |
Changed in freeradius (Ubuntu): | |
status: | Incomplete → Confirmed |
Changed in libcrypt-urandom-perl (Ubuntu): | |
status: | Incomplete → Won't Fix |
Changed in libconvert-base32-perl (Ubuntu): | |
status: | Incomplete → Won't Fix |
summary: |
- [MIR] libconvert-base32-perl and libcrypt-urandom-perl + Replace radsecret script to avoid new perl dependencies from universe |
Changed in freeradius (Ubuntu): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
status: | Confirmed → In Progress |
tags: | added: server-todo |
tags: | added: update-excuse |
Changed in freeradius (Ubuntu): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
The freeradius update to 3.2.5 enabled a new binary and two new modules, as part of the BlastRADIUS vulnerability (CVE-2024-3596) mitigations:
+ * New upstream version 3.2.5+dfsg
+ This release adds a few hardening mitigations for the BlastRADIUS protocol
+ vulnerability (CVE-2024-3596).
+ - add new radsecret binary
+ - add new rlm_dpsk and rlm_eap_teap modules
The new libconvert- base32- perl and libcrypt- urandom- perl dependencies come from radsecret, which is this 3-liner:
#!/usr/bin/env perl base32( Crypt:: URandom: :urandom( 12)))), "\n";
#
# A tool which generates strong shared secrets.
#
use Convert::Base32;
use Crypt::URandom();
print join('-', unpack("(A4)*", lc encode_
There has to be a different way to do this that does not involve moving these perl modules to main...
$ src/main/radsecret a5bc-5pvf- woua
voaq-pxzx-
$ src/main/radsecret dd2j-bxz2- tmuq
e7y3-vqwl-