Hi Nick, It seems to me that both rhel 6.7 and centos 6.7 have same last patched freeradius version: https://rhn.redhat.com/errata/RHBA-2015-1829.html https://lists.centos.org/pipermail/centos-announce/2015-September/021404.htm... freeradius.x86_64 2.2.6-6.el6_7 as well as same openssl openssl.x86_64 1.0.1e-42.el6 Regards, Paolo.
On 13 ott 2015, at 10:20, Nick Lowe <nick.lowe@gmail.com> wrote:
Red Hat have an update available for their affected 6.7 release:
https://rhn.redhat.com/errata/RHBA-2015-1829.html
If you're running CentOS 6.7, you're likely out of luck until 6.8 becomes available:
https://bugs.centos.org/view.php?id=9295
(That bug report has seemingly been ignored.)
As this is making a lot of noise with Android 6.0 (Marshmallow), please consider releasing a 3.x and discretionary, under protest 2.x release sooner rather than later to close the loop of known possible issues:
https://code.google.com/p/android/issues/detail?id=188867
https://code.google.com/p/android-developer-preview/issues/detail?id=2136
I agree that there aren't likely to be many sites using OpenSSL 1.0.2 at this point in time, worth nipping in the bud though. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------------------------------------------------------------------------------------------------ Paolo Barbato Consorzio RFX corso Stati Uniti,4 35127 Padova - Italy Network Administrator phone: +39 049 8295097 fax: +39 049 8700718 ------------------------------------------------------------------------------------------------