Alan Buxey A.L.M.Buxey at
Tue Apr 14 10:00:09 CEST 2015

Either upgrade your openssl and rebuild against that version or,  if you believe or know that your openssl is good/safe against that CVE issue (distros patch their versions but don't update the version) then simply state

allow_vulnerable_openssl = 'CVE-2014-0160'

In the security section of radius.conf as per the debug output and docs


More information about the Freeradius-Users mailing list