[ANN] Release 3.0.4 rc1

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Jun 2 13:17:45 CEST 2014

On 2 Jun 2014, at 11:55, Herwin Weststrate <herwin at quarantainenet.nl> wrote:

> I'm having a little inconvenience with the generated Debian packages,
> they fail to start, trying to protect you from the heartbleed bug
> Mon Jun  2 12:33:57 2014 : Error: Refusing to start with libssl version
> OpenSSL 1.0.1e 11 Feb 2013 0x01000105f (1.0.1e-15) (in range 1.0.1-0 -
> 1.0.1f-15)
> Mon Jun  2 12:33:57 2014 : Error: Security advisory CVE-2014-0160
> (Heartbleed)
> Mon Jun  2 12:33:57 2014 : Error: For more information see
> http://heartbleed.com
> However, this issue has been backported by Debian in libssl version
> 1.0.1e-2+deb7u5. A fix for this has been propesed and merged in #590
> <https://github.com/FreeRADIUS/freeradius-server/pull/590>. However,
> this fix got reverted in commit
> 55a7773512221d698beb02bc6e36e8585b63fe60, without a real explanation
> (just the standard "this reverts commit xyz" message).
> Is there any specific reason that this fix has been reverted?=

Yes. It broken Ubuntu builds as Ubuntu had a different name for the libssl package.

I've requested a couple of times for someone who has more knowledge of Debian packaging to write a fix which will work for both Debian and Ubuntu.

Will someone please send a pull request which will work for both Debian and Ubuntu...

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140602/1cedc13c/attachment.pgp>

More information about the Freeradius-Users mailing list