OpenSSL vulnerability may affect FreeRADIUS
http://www.openssl.org/news/secadv_20060905.txt
From my preliminary reading, this may only affect people using
EAP-TLS. PEAP and EAP-TTLS do not validate certificates on the server
side, so they may not be vulnerable.
Still, it's probably worth upgrading OpenSSL.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.