[openssl-users] OpenSSL Release Strategy and Blog

Jeffrey Walton noloader at gmail.com
Fri Sep 9 12:32:06 UTC 2016

On Fri, Sep 9, 2016 at 8:26 AM, Pfluegl, Andreas <andreas.pfluegl at etm.at> wrote:
> We started using OpenSSL in 2010 for Windows and Linux. We gladly followed
> the release strategy suggestion, as it allowed us to deliver patches without
> recompiling our code. So we still compile and link our code against 1.0.0
> while delivering the current 1.0.2x versions (which by the way works great).
> At Windows we started with VC10 and soon migrated to VC12, but currently we
> are struggling with porting to VC14. So we are considering to update the
> openSSL version we compile and link against to 1.0.2. I don't expect 1.0.2
> to be binary compatible to 1.0.1 or 1.0.3 as 1.0.0 is, but I expect it to be
> binary compatible with all 1.0.2x versions. Since I found no official
> statement which confirms this, I'd ask you to confirm this theory of mine.

https://www.openssl.org/docs/faq.html#MISC8 :

8. How does the versioning scheme work?

After the release of OpenSSL 1.0.0 the versioning scheme changed.
Letter releases (e.g. 1.0.1a) can only contain bug and security fixes
and no new features. Minor releases change the last number (e.g.
1.0.2) and can contain new features that retain binary compatibility.
Changes to the middle number are considered major releases and neither
source nor binary compatibility is guaranteed.


More information about the openssl-users mailing list