I have just noticed that my freeradius2 2.2.5 server refuses to start with the following message:
radiusd: Refusing to start with libssl version OpenSSL 1.0.1e-freebsd 11 Feb 2013 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed) radiusd: For more information see http://heartbleed.com My freeradius2 package is built against the openssl version of the base system: # openssl version OpenSSL 1.0.1e-freebsd 11 Feb 2013 The base openssl version did not change after applying the various security patches, where "FreeBSD Security Advisory FreeBSD-SA-14:06.openssl" in particular solved the heartbleed issue: # uname -r 10.0-RELEASE-p3 So how can I tell freeradius2 that it is built against a heardbleed save, e.g. patched, openssl version in spite of the low version number? Regards, Peter _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
