How to link to openssl if two versions of libssl are on the system, when building FreeRadius on Debian wheezy 7.4?
Matthew Newton
mcn4 at leicester.ac.uk
Fri May 16 15:24:35 CEST 2014
On Fri, May 16, 2014 at 03:52:36PM +0300, Rani Ahmed wrote:
> I have from Debian wheezy repository : OpenSSL 1.0.1*e* as a binary
> package. Already installed on the normal location /usr/lib. => Heartbleed
> bug.
Debian's openssl 1.0.1e packaged has been patched, so it's not
vulnerable if you're up-to-date with the latest package.
They, like other distributions, annoyingly don't update the
version number. So you have to set
> allow_vulnerable_openssl = yes
If you build FR from source as a package, this is all sorted for
you - the allow_vulnerable_openssl is automatically set, because
the built backage will depend on the correct (patched) version of
openssl.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list