How to link to openssl if two versions of libssl are on the system, when building FreeRadius on Debian wheezy 7.4?

Arran Cudbard-Bell a.cudbardb at
Fri May 16 15:45:24 CEST 2014

On 16 May 2014, at 14:24, Matthew Newton <mcn4 at LEICESTER.AC.UK> wrote:

> On Fri, May 16, 2014 at 03:52:36PM +0300, Rani Ahmed wrote:
>> I have from Debian wheezy repository : OpenSSL 1.0.1*e* as a binary
>> package. Already installed on the normal location /usr/lib. => Heartbleed
>> bug.
> Debian's openssl 1.0.1e packaged has been patched, so it's not
> vulnerable if you're up-to-date with the latest package.
> They, like other distributions, annoyingly don't update the
> version number. So you have to set
>> allow_vulnerable_openssl = yes
> If you build FR from source as a package, this is all sorted for
> you - the allow_vulnerable_openssl is automatically set, because
> the built backage will depend on the correct (patched) version of
> openssl.

No, this had to be removed because it broke ubuntu builds.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <>

More information about the Freeradius-Users mailing list