[PATCH 1/1] fix version check for openssl vulnerability
Christian Hesse
list at eworm.de
Fri Sep 14 21:26:35 CEST 2018
From: Christian Hesse <mail at eworm.de>
Actually this was version 1.1.0, not 1.1.1.
Signed-off-by: Christian Hesse <mail at eworm.de>
---
src/main/tls.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/main/tls.c b/src/main/tls.c
index f60fa2dbd0..1545b1a0d2 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -79,8 +79,8 @@ static libssl_defect_t libssl_defects[] =
.comment = "For more information see https://www.openssl.org/news/secadv/20160926.txt"
},
{
- .low = 0x01010100f, /* 1.1.0 */
- .high = 0x01010100f, /* 1.1.0 */
+ .low = 0x01010000f, /* 1.1.0 */
+ .high = 0x01010000f, /* 1.1.0 */
.id = "CVE-2016-6304",
.name = "OCSP status request extension",
.comment = "For more information see https://www.openssl.org/news/secadv/20160922.txt"
More information about the Freeradius-Devel
mailing list