Hi,
Oct 16 06:41:31 net3 radiusd[5251]: Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed) Oct 16 06:41:31 net3 radiusd[5251]: For more information see http://heartbleed.com
yes - if you run in full debug mode you will see exactly what you need to do to fix this...as long as you know you are patched, go to radiusd.conf, visit the security {} section and put/edit the allow_vulnerable_ssl = 'xxxxxxx' where xxxxx is the CVE code as printed in the debug output
I'm also surprised "openssl version" shows the same string for both openssl-1.0.1e-16.el6_5.7.x86_64 and openssl-1.0.1e-42.el6.x86_64:
exactly. thats the problem...the vendors are backporting things to older versions rather then upgrading the version provided alan