Error
Herwin Weststrate
herwin at quarantainenet.nl
Tue Apr 14 10:51:17 CEST 2015
On 14-04-15 10:00, Alan Buxey wrote:
> Either upgrade your openssl and rebuild against that version or, if
> you believe or know that your openssl is good/safe against that CVE
> issue (distros patch their versions but don't update the version)
> then simply state
>
> allow_vulnerable_openssl = 'CVE-2014-0160'
>
> In the security section of radius.conf as per the debug output and
> docs
Or configure with "--disable-openssl-version-check", if you trust your
distro well enough to keep SSL up to date.
--
Herwin Weststrate
More information about the Freeradius-Users
mailing list