Hello, I am unable to start the freeradius due to openssl vulnerability issue. Please find the debug log. ----------- Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 0x1000105f (1.0.1e release) (in range 1.0.1 dev - 1.0.1f release) Security advisory CVE-2014-0160 (Heartbleed) For more information see http://heartbleed.com Once you have verified libssl has been correctly patched, set security.allow_vulnerable_openssl = 'CVE-2014-0160' ------------ I have confirmed that I have applied the patch for this bug. ----------- [root@radius raddb]# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 [root@radius raddb]# rpm -q --changelog openssl | grep CVE-2014-0160 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension [root@radius raddb]# -------------- Is it safe to enable the allow_vulnerable_openssl = yes in radiusd.conf file? Otherwise I will update the openssl to OpenSSL 1.0.1g version. Please suggest.