Forthcoming OpenSSL Bug Fix Release

Dr Paul Dale pauli at openssl.org
Wed Oct 26 22:41:42 UTC 2022


1.1.1 is not susceptible to the CVE that is being fixed in 3.0:

    /the forthcoming release of OpenSSL version 1.1.1s that is a *bug
    fix* release/.

(highlight added).


Dr Paul Dale

On 26/10/22 22:17, Matan Giladi wrote:
> Does 1.1.1s is going to include any security fix?
> Can you please confirm that the critical issue found in 3.0.6 version is irrelevant for 1.1.1?
>
> -----Original Message-----
> From: openssl-announce<openssl-announce-bounces at openssl.org>  On Behalf Of Ing. Martin Koci, MBA
> Sent: Tuesday, October 25, 2022 21:36
> To:openssl-announce at openssl.org;openssl-users at openssl.org;openssl-project at openssl.org;oss-security at lists.openwall.com
> Subject: Forthcoming OpenSSL Bug Fix Release
>
> Hello,
>
> In addition to the already announced 3.0.7 release, the OpenSSL project team would like to announce the forthcoming release of OpenSSL version 1.1.1s that is a bug fix release.
>
> This bug fix release will be made available on Tuesday 1st November 2022 between 1300-1700 UTC too.
>
> Yours
> The OpenSSL Project Team
>
>
> Email secured by Check Point
> Report Phishing:https://mta-cnf.iaas.checkpoint.com/mta_feedback?id=b3dc9e6004806fac5adb86a1a47504d00416eb2590b631502621736f0652d7ea&ck=3D4CC6C8CB55;48DE55E160E5;C5CEAA199888;&v=m
>
> Email secured by Check Point
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-announce/attachments/20221027/a64f0fd0/attachment.htm>


More information about the openssl-announce mailing list