Brian Julin wrote: > A cursory look suggests we may use some of the effected codepaths > in CVE-2012-2110 > (http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html) > and given that FreeRADIUS often deals with certificates from > sources that are not under direct control of administrators (dot1x clients, > federation servers, etc.) this might be worth a news page post.
Done, thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
