[openssl-users] Looking for the Changelog in openssl-fips-2.0.12

Steve Marquess marquess at openssl.com
Tue May 24 13:15:10 UTC 2016

On 05/24/2016 07:56 AM, Philip Bellino wrote:
> Hello,
> I am looking for the Changelog that explains the changes between
> openssl-fips-2.0.9 and 2.0.12.
> The README.FIPS that comes with 2.0.12 points here:
> https://www.openssl.org/docs/fips  but I cannot find the changes.
> Any help would be most appreciated.

Look at the Security Policy document, "Modification History":


Since in general we aren't allowed to add new functionality or even to
fix security vulnerabilities for validated modules, the only reason to
use a newer module revision (2.0.12) instead of an older one (2.0.9) is
that the older one lacks support for your specific platform(s) of
interest; there is no advantage in updating already fielded modules like
you would for OpenSSL proper or other more conventionally maintained

-Steve M.

Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list