1.1.1u release

Tomas Mraz tomas at openssl.org
Mon Apr 24 11:57:26 UTC 2023


Hi Sebastian,

none of these releases were created yet as all the recent
vulnerabilities fixed are of Low severity. However there will be new
releases in near future (no concrete date set yet) because the previous
releases were done almost 3 months ago.

Regards,

Tomas Mraz, OpenSSL

On Mon, 2023-04-24 at 11:52 +0000, Sebastian Koerner wrote:
> Hello openssl-users.
> 
> https://www.openssl.org/news/vulnerabilities.html says
> 
> CVE-2023-0465Invalid certificate policies in leaf certificates are
> silently ignored [Low severity] 23 March 2023: [...]
>  * Fixed in OpenSSL 3.1.1 (git commit) (Affected since 3.1.0)
>  * Fixed in OpenSSL 3.0.9 (git commit) (Affected since 3.0.0)
>  * Fixed in OpenSSL 1.1.1u (git commit) (Affected since 1.1.1)
>  * Fixed in OpenSSL 1.0.2zh (Affected since 1.0.2)
> However: I can't seem to find 1.1.1u for download. Is it released
> yet?
> 

-- 
Tomáš Mráz, OpenSSL



More information about the openssl-users mailing list