[Apollo] Advisories Statistics light light Login

RLSA-2023:2870

Security Mirrored from RHSA-2023:2870
Issued at: 2026-06-26
Updated at: 2026-06-30

Synopsis

Moderate: freeradius:3.0 security update



Description

FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network.

Security Fix(es):

* freeradius: Information leakage in EAP-PWD (CVE-2022-41859)

* freeradius: Crash on unknown option in EAP-SIM (CVE-2022-41860)

* freeradius: Crash on invalid abinary data (CVE-2022-41861)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2078483 2078485 2078487

CVEs

CVE-2022-41859 CVE-2022-41860 CVE-2022-41861

Affected packages

Rocky Linux 8 x86_64 - AppStream

freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.src.rpm freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-devel-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-doc-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-krb5-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-ldap-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-mysql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-perl-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-postgresql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-rest-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-sqlite-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-unixODBC-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm freeradius-utils-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm python3-freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.x86_64.rpm

Rocky Linux 8 aarch64 - AppStream

freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.src.rpm freeradius-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-debugsource-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-krb5-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-ldap-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-mysql-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-perl-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-postgresql-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-rest-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-sqlite-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-unixODBC-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-utils-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm python3-freeradius-debuginfo-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-devel-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-doc-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-krb5-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-ldap-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-mysql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-perl-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-postgresql-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-rest-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-sqlite-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-unixODBC-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm freeradius-utils-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm python3-freeradius-0:3.0.20-14.module+el8.8.0+1130+46a6e0a1.aarch64.rpm