<div dir="ltr"><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap">Hello OpenSSL Developers,</pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><br></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap">I understand through your previous announcements that OpenSSL 0.9.8 is no longer "supported", and no more "security fixes", nor "security updates" will be provided by OpenSSL.org.</pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><br></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap">Does this mean that we can expect no more CVEs to be generated or listed for <span style="font-family:arial,sans-serif">OpenSSL 0.9.8 also?</span></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif"><br></span></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap">Thanks!</pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif">Joe</span><br></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif"><br></span></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif">------------------------</span><br></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif">"NOTE: WE ANTICIPATE THAT 1.0.0t AND 0.9.8zh WILL BE THE LAST RELEASES FOR THE</span><br></pre><pre style="color:rgb(0,0,0);word-wrap:break-word;white-space:pre-wrap"><pre style="word-wrap:break-word;white-space:pre-wrap">0.9.8 AND 1.0.0 VERSIONS AND THAT NO MORE SECURITY FIXES WILL BE PROVIDED (AS
PER PREVIOUS ANNOUNCEMENTS). USERS ARE ADVISED TO UPGRADE TO LATER VERSIONS."
</pre><div><br></div><div><pre style="word-wrap:break-word;white-space:pre-wrap">"As per our previous announcements and our Release Strategy
(<a href="https://www.openssl.org/about/releasestrat.html">https://www.openssl.org/about/releasestrat.html</a>), support for OpenSSL versions
1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these
versions will be provided after that date. In the absence of significant
security issues being identified prior to that date, the 1.0.0t and 0.9.8zh
releases will be the last for those versions. Users of these versions are
advised to upgrade."
</pre><pre style="word-wrap:break-word;white-space:pre-wrap"><br></pre><pre style="word-wrap:break-word;white-space:pre-wrap">per <a href="http://openssl.org/news/secadv/20151203.txt">http://openssl.org/news/secadv/20151203.txt</a>.</pre><pre style="word-wrap:break-word;white-space:pre-wrap"><span style="font-family:arial,sans-serif">-------------------------</span><br></pre><pre style="word-wrap:break-word;white-space:pre-wrap"><br></pre></div></pre></div>