Subject: pkg/14850: Remote Buffer Overflow in pkgsrc/net/radius
To: None <>
From: Martti Kuparinen <>
List: netbsd-bugs
Date: 12/06/2001 10:17:27
>Number:         14850
>Category:       pkg
>Synopsis:       Remote Buffer Overflow in pkgsrc/net/radius
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Thu Dec 06 01:20:00 PST 2001
>Originator:     Martti Kuparinen
>Release:        NetBSD 1.5.2
System: NetBSD dhcp118 1.5.2 NetBSD 1.5.2 (KAYAK) #0: Wed Oct 3 11:34:19 PDT 2001 root@dhcp118:/usr/src/sys/arch/i386/compile/KAYAK i386


The current pkgsrc/net/radius package has security problems
as described in

To update this package we need to do the following in addition
to the normal procedures:

- fix MASTER_SITES as the old site doesn't have the sources anymore
- maybe add LICENSE=merit-radius?
- is it possible to have Kerberos 5 support?