Warning about OpenSSL 1.0.2
Nick Lowe
nick.lowe at gmail.com
Tue Oct 13 10:20:08 CEST 2015
Red Hat have an update available for their affected 6.7 release:
https://rhn.redhat.com/errata/RHBA-2015-1829.html
If you're running CentOS 6.7, you're likely out of luck until 6.8
becomes available:
https://bugs.centos.org/view.php?id=9295
(That bug report has seemingly been ignored.)
As this is making a lot of noise with Android 6.0 (Marshmallow),
please consider releasing a 3.x and discretionary, under protest 2.x
release sooner rather than later to close the loop of known possible
issues:
https://code.google.com/p/android/issues/detail?id=188867
https://code.google.com/p/android-developer-preview/issues/detail?id=2136
I agree that there aren't likely to be many sites using OpenSSL 1.0.2
at this point in time, worth nipping in the bud though.
More information about the Freeradius-Users
mailing list