How to link to openssl if two versions of libssl are on the system, when building FreeRadius on Debian wheezy 7.4?

Matthew Newton mcn4 at leicester.ac.uk
Fri May 16 15:24:35 CEST 2014


On Fri, May 16, 2014 at 03:52:36PM +0300, Rani Ahmed wrote:
> I have from Debian wheezy repository : OpenSSL 1.0.1*e* as a binary
> package. Already installed on the normal location /usr/lib. => Heartbleed
> bug.

Debian's openssl 1.0.1e packaged has been patched, so it's not
vulnerable if you're up-to-date with the latest package.

They, like other distributions, annoyingly don't update the
version number. So you have to set

> allow_vulnerable_openssl = yes

If you build FR from source as a package, this is all sorted for
you - the allow_vulnerable_openssl is automatically set, because
the built backage will depend on the correct (patched) version of
openssl.

Matthew



-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list