matt at openssl.org
Mon Oct 19 14:14:56 UTC 2020
At the recent Committer and OTC meetings a proposal was discussed to add
further clarity to what is allowed in stable releases, and to introduce
a new "LTS+" type of release to go alongside the existing LTS release.
The idea is that an LTS release is restricted to bug fixes and security
fixes only (as now). However an LTS+ release would additionally be able
to accept additional platforms as well as performance improvements. LTS
and LTS+ releases would be issued simultaneously, have the same support
period, and would have the same minor and patch version numbers. The
LTS+ designation would be separate to the version number (e.g. in a text
In order for this to happen an OMC vote would be required. My proposed
vote text (which incorporates the proposal text discussed in the
meeting) is as follows:
"The OMC should include the following text in its release strategy:
In order to maximise stability, Long Term Support (LTS) Releases are
eligible to receive bug and security fixes only.
Bug fixes are:
- Fixes for defects that impact behaviour that do not impact the API or
- Minor fixes to existing code to correct major performance regressions
(e.g. larger than 10% performance regression compared to the previous
- Inclusion of new API functions to correct missing accessor functions
Security fixes are:
- Fixes and changes as necessary as a result of a CVE
- Minor amendments for security hardening purposes
Security fixes should not change the API/ABI, although functional
behaviour may be changed if strictly necessary (e.g. changing defaults).
Following an LTS release additional releases may also occur in an LTS+
release. The LTS+ release support time will be aligned with the LTS
release. Releases of the LTS+ version will be done at the same time as
the LTS release.
LTS+ releases may contain the following new features:
- Support for additional platforms
- Performance improvements
The LTS+ release major and minor and patch version numbers will be the
same as the LTS release. The designation of the LTS+ release will be
separate from the version number."
Feedback is appreciated on both the proposal, and the vote text.
More information about the openssl-project