VDB

GCVE-110-MAGEIA-2015-291

GCVE-110-MAGEIA-2015-291
Advisory Published
Vulnetix · Advisory published July 28, 2015
The FreeRADIUS server relies on OpenSSL to perform certificate validation, including Certificate Revocation List (CRL) checks. The FreeRADIUS usage of OpenSSL, in CRL application, limits the checks to leaf certificates, therefore not detecting revocation of intermediate CA certificates. An unexpired client certificate, issued by an intermediate CA with a revoked certificate, is therefore accepted by FreeRADIUS (CVE-2015-4680). The freeradius package has been updated to version 2.2.8, which fixes this issue, as well as the failure to run on Mageia 5 due to an OpenSSL issue.

Affected Products

VendorProductVersionsPlatforms
Mageiafreeradius0 (affected), 2.2.8-1.mga5 (unaffected)
Mageiafreeradius0 (affected), 2.2.8-1.mga4 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›