Hi. Indeed, it's likely a duplicate of #907518.
I'd also agree with Andrej, that the defaults shouldn't be changed just to please people who haven't done their homework and support at least 1.2 (which is already 10 years old). Why should others suffer in their security just because of them?! OTOH it's unfortunately a fact that many EAP WiFis will not change... so in the next stable release, many people will suffer from this issue. For many cases people will anyway distrust such WiFis and just use them to connect to the internet... so one more reason not to lower the security for openssl system-wide but at most for wpasupplicant only. I could however not find the user configurable setting for it, that Andrej mentioned. Cheers, Chris.
