[openssl-users] OpenSSL 0.9.8 - No more security fixes, nor updates and support, But NO CVEs listed either?

Joe Flowers flowers.joseph at gmail.com
Wed Jan 13 02:29:34 UTC 2016

Thanks, Matt!

I did not know that OpenSSL.org is the only organization that creates
CVEs for OpenSSL.

Thanks for clearing this up for me!



On 12/01/16 22:43, Joe Flowers wrote:
>* Hello OpenSSL Developers,
*> > >* I understand through your previous announcements that OpenSSL
0.9.8 is no longer "supported", and no more "security fixes", nor
"security updates" will be provided by OpenSSL.org.
*> > >* Does this mean that we can expect no more CVEs to be generated
or listed for OpenSSL 0.9.8 also?
Not supported means we will no longer being doing work on the 0.9.8 or
1.0.0 branches. This includes any analysis which may lead to a CVE

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160112/8c9eb57d/attachment.html>

More information about the openssl-users mailing list