1 --- a/raddb/radiusd.conf.in
2 +++ b/raddb/radiusd.conf.in
4 # and may not reflect patches applied to libssl by
5 # distribution maintainers.
7 - allow_vulnerable_openssl = no
8 + # This version of FreeRADIUS is built as a Debian package that
9 + # depends on the right version of OpenSSL, so this is set by
10 + # default to allow the server to start.
12 + allow_vulnerable_openssl = 'CVE-2014-0160'