diff -Nru freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/changelog freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/changelog
--- freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/changelog 2023-01-04 03:23:09.000000000 +0000
+++ freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/changelog 2024-01-12 16:59:58.000000000 +0000
@@ -1,3 +1,11 @@
+freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.2) jammy; urgency=medium
+
+ * d/p/avoid-smbencrypt-segfault-with-openssl3-fixes.patch: load the
+ OpenSSL legacy providers and use OpenSSL3 init for MD4/MD5
+ (LP: #2042824).
+
+ -- Miriam EspaƱa Acebal Fri, 12 Jan 2024 17:59:58 +0100
+
 freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1) jammy-security; urgency=medium
 
 * SECURITY UPDATE: DoS using abinary attribute
diff -Nru freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/avoid-smbencrypt-segfault-with-openssl3-fixes.patch freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/avoid-smbencrypt-segfault-with-openssl3-fixes.patch
--- freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/avoid-smbencrypt-segfault-with-openssl3-fixes.patch 1970-01-01 00:00:00.000000000 +0000
+++ freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/avoid-smbencrypt-segfault-with-openssl3-fixes.patch 2024-01-12 16:59:58.000000000 +0000
@@ -0,0 +1,105 @@
+From 25114031a868e37256b4292f3898c0e050cab1d0 Mon Sep 17 00:00:00 2001
+From: "Alan T. DeKok"
+Date: Thu, 26 May 2022 09:03:59 -0400
+Subject: [PATCH] patches for OpenSSL3. Fixes #4539
+
+---
+ src/modules/rlm_mschap/smbencrypt.c | 63 +++++++++++++++++++++++++++++
+ 1 file changed, 63 insertions(+)
+
+Origin: upstream, https://github.com/FreeRADIUS/freeradius-server/commit/25114031a868e37256b4292f3898c0e050cab1d0
+Bug: https://github.com/FreeRADIUS/freeradius-server/issues/4539
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/freeradius/+bug/2042824
+Last-Update: 2024-01-12
+--- a/src/modules/rlm_mschap/smbencrypt.c
++++ b/src/modules/rlm_mschap/smbencrypt.c
+@@ -23,6 +23,12 @@
+ RCSID("$Id$")
+
+ #include
++
++#ifdef HAVE_OPENSSL_SSL_H
++#include
++#include
++#endif
++
+ #include
+ #include
+ #include
+@@ -33,6 +39,58 @@
+
+ static char const hex[] = "0123456789ABCDEF";
+
++#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x30000000L
++# include
++
++static OSSL_PROVIDER *openssl_default_provider = NULL;
++static OSSL_PROVIDER *openssl_legacy_provider = NULL;
++
++#define ERROR(_x) fprintf(stderr, _x)
++
++static int openssl3_init(void)
++{
++ /*
++ * Load the default provider for most algorithms
++ */
++ openssl_default_provider = OSSL_PROVIDER_load(NULL, "default");
++ if (!openssl_default_provider) {
++ ERROR("(TLS) Failed loading default provider");
++ return -1;
++ }
++
++ /*
++ * Needed for MD4
++ *
++ * https://www.openssl.org/docs/man3.0/man7/migration_guide.html#Legacy-Algorithms
++ */
++ openssl_legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
++ if (!openssl_legacy_provider) {
++ ERROR("(TLS) Failed loading legacy provider");
++ return -1;
++ }
++
++ return 0;
++}
++
++static void openssl3_free(void)
++{
++ if (openssl_default_provider && !OSSL_PROVIDER_unload(openssl_default_provider)) {
++ ERROR("Failed unloading default provider");
++ }
++ openssl_default_provider = NULL;
++
++ if (openssl_legacy_provider && !OSSL_PROVIDER_unload(openssl_legacy_provider)) {
++ ERROR("Failed unloading legacy provider");
++ }
++ openssl_legacy_provider = NULL;
++}
++#else
++#define openssl3_init()
++#define openssl3_free()
++#endif
++
++
++
+ /*
+ * FIXME: use functions in freeradius
+ */
+@@ -67,6 +125,8 @@
+ char ntpass[33];
+ char lmpass[33];
+
++ openssl3_init();
++
+ fprintf(stderr, "LM Hash \tNT Hash\n");
+ fprintf(stderr, "--------------------------------\t--------------------------------\n");
+ fflush(stderr);
+@@ -80,5 +140,8 @@
+ tohex (hash, 16, ntpass);
+ printf("%s\t%s\n", lmpass, ntpass);
+ }
++
++ openssl3_free();
++
+ return 0;
+ }
diff -Nru freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/series freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/series
--- freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/series 2023-01-03 08:49:19.000000000 +0000
+++ freeradius-3.0.26~dfsg~git20220223.1.00ed0241fa/debian/patches/series 2024-01-12 16:59:58.000000000 +0000
@@ -10,3 +10,4 @@
 fix-mschap-client-crash-2.patch
 fix-python-version-parsing.patch
 CVE-2022-41861.patch
+avoid-smbencrypt-segfault-with-openssl3-fixes.patch
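Review bot: The return value of `openssl3_init()` is discarded at the call added in the `@@ -67,6 +125,8 @@` hunk of smbencrypt.c, so a failed load of the legacy provider only prints a message and the program carries on to the hashing loop; presumably the MD4 step then fails in the same way this patch is meant to prevent. I would check it, `if (openssl3_init() < 0) return 1;`, and make the pre-3.0 stub an expression, `#define openssl3_init() (0)`, so the check compiles in both branches. The `ERROR` messages also lack a trailing newline, and the early return on legacy-provider failure leaves the default provider loaded. The function that makes the call begins outside the hunk.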