I wanna install freeradius 3.0.7 when I run radiusd -x Debugger not attached Refusing to start with libssl version OpenSSL 1.0.1e 11 Feb 2013 0x1000105f (1.0.1e release) (in range 1.0.1 dev - 1.0.1f release) Security advisory CVE-2014-0160 (Heartbleed) For more information see http://heartbleed.com Once you have verified libssl has been correctly patched, set security.allow_vulnerable_openssl = 'CVE-2014-0160'
On 13 Apr 2015, at 16:36, sandy.napoles@eccmg.cupet.cu wrote:
I wanna install freeradius 3.0.7 when I run radiusd -x
Debugger not attached Refusing to start with libssl version OpenSSL 1.0.1e 11 Feb 2013 0x1000105f (1.0.1e release) (in range 1.0.1 dev - 1.0.1f release) Security advisory CVE-2014-0160 (Heartbleed) For more information see http://heartbleed.com Once you have verified libssl has been correctly patched, set security.allow_vulnerable_openssl = 'CVE-2014-0160'
Install, and build against, a newer version of OpenSSL. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
Either upgrade your openssl and rebuild against that version or, if you believe or know that your openssl is good/safe against that CVE issue (distros patch their versions but don't update the version) then simply state allow_vulnerable_openssl = 'CVE-2014-0160' In the security section of radius.conf as per the debug output and docs alan
On 14-04-15 10:00, Alan Buxey wrote:
Either upgrade your openssl and rebuild against that version or, if you believe or know that your openssl is good/safe against that CVE issue (distros patch their versions but don't update the version) then simply state
allow_vulnerable_openssl = 'CVE-2014-0160'
In the security section of radius.conf as per the debug output and docs
Or configure with "--disable-openssl-version-check", if you trust your distro well enough to keep SSL up to date. -- Herwin Weststrate
Hello Alan, This message was for me? BR 2015-04-14 10:00 GMT+02:00 Alan Buxey <A.L.M.Buxey@lboro.ac.uk>:
Either upgrade your openssl and rebuild against that version or, if you believe or know that your openssl is good/safe against that CVE issue (distros patch their versions but don't update the version) then simply state
allow_vulnerable_openssl = 'CVE-2014-0160'
In the security section of radius.conf as per the debug output and docs
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (6)
-
A.L.M.Buxey@lboro.ac.uk -
Alan Buxey -
Arran Cudbard-Bell -
Herwin Weststrate -
Javier Ruiz Escalante -
sandy.napoles@eccmg.cupet.cu