Can't get rid of OpenSSL-message
Stefan Winter
stefan.winter at restena.lu
Mon Sep 26 11:25:54 CEST 2016
Hi,
should have attached to this thread I guess. I have the same problem, on
the same CentOS.
And I did set only the most recent one, previous incarnation commented
out. In my raddb folder:
# grep CVE *
radiusd.conf:# allow_vulnerable_openssl = 'CVE-2014-0160'
radiusd.conf: allow_vulnerable_openssl = 'CVE-2016-6304'
?
Greetings,
Stefan Winter
Am 23.09.2016 um 12:18 schrieb Arran Cudbard-Bell:
>
>> On 23 Sep 2016, at 13:59, Philipp Trenz <mail at philipptrenz.de> wrote:
>>
>> Hi there,
>>
>> I newly compiled 3.0.12 for the upcoming release, but I can't get rid of the issue messages of openssl. openssl is already patched, allow_vulnerable_openssl = 'CVE-2016-6304' and allow_vulnerable_openssl = 'CVE-2014-0160' are added at the end of security {}. Running freeradius on a CentOS 7.
>> Is this a bug or am I missing something?
>>
> Set the latest one, not both...
>
> -Arran
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160926/49a2891c/attachment.sig>
More information about the Freeradius-Users
mailing list