[PATCH 1/1] fix version check for openssl vulnerability

Christian Hesse list at eworm.de
Fri Sep 14 21:26:35 CEST 2018


From: Christian Hesse <mail at eworm.de>

Actually this was version 1.1.0, not 1.1.1.

Signed-off-by: Christian Hesse <mail at eworm.de>
---
 src/main/tls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/tls.c b/src/main/tls.c
index f60fa2dbd0..1545b1a0d2 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -79,8 +79,8 @@ static libssl_defect_t libssl_defects[] =
 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160926.txt"
 	},
 	{
-		.low		= 0x01010100f,		/* 1.1.0  */
-		.high		= 0x01010100f,		/* 1.1.0  */
+		.low		= 0x01010000f,		/* 1.1.0  */
+		.high		= 0x01010000f,		/* 1.1.0  */
 		.id		= "CVE-2016-6304",
 		.name		= "OCSP status request extension",
 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"


More information about the Freeradius-Devel mailing list