14 Dec
2015
14 Dec
'15
8:59 a.m.
On Dec 14, 2015, at 8:56 AM, Adam Bishop <Adam.Bishop@jisc.ac.uk> wrote:
CentOS 7.2 is using OpenSSL 1.0.1e out of the box so *should* be unaffected...
Hopefully.
Is there a test for this issue (in the test suite or with eapol_test/radtest etc.) so I can make sure RedHat haven't helpfully backported the bug?
Jouni Malinin had a test, which involved GNU TLS on the client, and some esoteric TLS methods. i.e. the problem isn't *common*, but it's not exactly negligible, either. Alan DeKok.