[Pkg-freeradius-maintainers] Bug#919236: Bug#919236: Inappropriately broad default CA for EAP configuration

Bernhard Schmidt berni at birkenwald.de
Wed Apr 15 13:20:45 BST 2020


Am 15.04.20 um 13:57 schrieb sauron99 at gmx.de:

Hi,

>> >>>>> "Michael" == Michael Stapelberg writes:
>> I really don't think I'm going to be able to provide more on this prior
>> to the buster release. I'm struggling trying to get through my own list
>> of things to fix in my packages.
> Is there any news on this? This bug keeps my last important machines i
> have here on Squeeze, unfortunately.

Why is this keeping your machine at Squeeze? It is a problem in the
_default_ configuration, you can change it at will. And since it is a
conffile (in /etc) it won't be overwritten by updates.

I agree that this should be fixed though, but I need some input on how
to do this properly, both on upgrades and on new installations. I think
the option of dropping snakeoil-certs.diff and running make in
/etc/freeradius/3.0/certs on postinst (accompanied by a NEWS entry)
should be okay. What do you think?

Bernhard



More information about the Pkg-freeradius-maintainers mailing list