Backporting TLS fixes to Fedora and RHEL
Alan DeKok
aland at deployingradius.com
Fri Oct 15 17:55:31 CEST 2021
On Oct 15, 2021, at 11:44 AM, Antonio Torres <antorres at redhat.com> wrote:
> I am sorry my message gave that impression. I'm not asking for anyone
> to do my job, I'm just asking for some pointers to identify this fix,
$ git log
> since the release notes don't mention commit hashes or PR numbers.
> Rest assured that we have dedicated a considerable amount of time to
> test and investigate before asking for help.
And if I may ask... why can OpenSSL go through a MAJOR version upgrade, but FreeRADIUS isn't allowed a MINOR version upgrade?
OpenSSL 3.0.0 has other bugs, too. Some things simply don't work.
I am rather surprised that there's any expectation that the system could do a major version upgrade on OpenSSL, and have everything work. I would pretty much expect random breakages in random applications.
It's a very bad idea. But I guess it's driven by "corporate policies", so you're stuck trying to debug a complex problem created by those policies.
Alan DeKok.
More information about the Freeradius-Users
mailing list