Heikki, I tried to upgrade to ActiveState PERL 5.18.4.1804 and when I try to install the following modules I need:
C:\Perl64\bin>ppm install Net-SNMP Downloading Net-SNMP-v6.0.1...failed 500 write failed: Bad file descriptor ppm install failed: 500 write failed: Bad file descriptor C:\Perl64\bin>ppm install http://www.open.com.au/radiator/free-downloads/Win32-Lsa.ppd ppm install failed: 500 write failed: Bad file descriptor I also could not install Win32::Daemon with either 5.18.4.1804 or 5.22.0.2200 C:\Perl64\bin>ppm install Win32::Daemon Downloading ActiveState Package Repository dbimage...done Syncing site PPM database with .packlists...done ppm install failed: Can't find any package that provides Win32::Daemon Thanks. -Neil -- Neil Johnson Network Engineer The University of Iowa Phone: 319 384-0938 Fax: 319 335-2951 E-Mail: neil-john...@uiowa.edu > On Aug 15, 2015, at 3:08 AM, Heikki Vatiainen <h...@open.com.au> wrote: > > On 08/15/2015 12:20 AM, Johnson, Neil M wrote: > >> I removed the OSC NET::SSLeay ppm from my Windows system and now I’m >> using the Active States version of OpenSSL, which is OpenSSL 1.0.1e >> 11 Feb 2013 and vulnerable to Heartbleed. > > Hello Neil and the other list members, > > I suggest upgrading your ActivePerl to a version that does not come with > a vulnerable OpenSSL. ActiveState has published this information about > the vulnerable versions: > https://community.activestate.com/node/10856 > > Radiator comes with Win32-Lsa PPMs that work with ActivePerl 5.18. If > you'd like to use a more recent ActivePerl, please let us know. Now that > ActivePerl 5.22 is out, we can see how the LSA module compiles against > it. The compiler changes introduced in ActivePerl 5.20 have hopefully > now been settled. > > Another option is to use Strawberry Perl. The Win32-Lsa modules that > come with Radiator 4.15 support Strawberry Perl up to version 5.22. > > The Heartbleed fix was announced in Strawberry Perl April 2014 release: > http://strawberryperl.com/release-notes/5.18.2.2-64bit.html > > The precompiled Net::SSLeay modules were mainly provided for those who > wanted to use EAP-FAST while the extensions EAP-FAST required were not > widely available in OpenSSL. When the Heartbleed vulnerability was > exposed, they were also useful for a quick mitigation. > > I recommend using the Net::SSLeay and OpenSSL that come with ActivePerl > and Strawberry Perl and keeping track of their releases and upgrading as > needed. > > Thanks, > Heikki > > -- > Heikki Vatiainen <h...@open.com.au> > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, > NetWare etc. > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
