Release of 3.0.12

Adam Bishop Adam.Bishop at jisc.ac.uk
Mon Sep 26 13:38:32 CEST 2016


On 26 Sep 2016, at 10:07, Stefan Winter <stefan.winter at restena.lu> wrote:
> Debugger not attached
> Refusing to start with libssl version OpenSSL 1.0.1k 8 Jan 2015
> 0x100010bf (1.0.1k release) (in range 1.0.1 release - 1.0.1t rele)
> Security advisory CVE-2016-6304 (OCSP status request extension)
> For more information see https://www.openssl.org/news/secadv/20160922.txt
> Once you have verified libssl has been correctly patched, set
> security.allow_vulnerable_openssl = 'CVE-2016-6304'
> radius-int-1:/usr/local/freeradius #

tls_global_version_check() doesn't accept individual CVE numbers any more - I'm not sure it's intentional though as the error message still references it.

'allow_vulnerable_ssl' = yes should let you continue.

Regards,

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.  




More information about the Freeradius-Users mailing list