New OpenSSL Releases
Dennis Clarke
dclarke at blastwave.org
Tue Sep 12 17:32:59 UTC 2023
On 9/12/23 12:34, Matt Caswell wrote:
> The OpenSSL project team would like to announce the upcoming release of
> OpenSSL versions 3.1.3 and 3.0.11.
>
> These releases will be made available on Tuesday 19th September 2023
> between 1300-1700 UTC.
>
> These are security-fix releases. The highest severity issue fixed in
> each of these two releases is Low:
>
> https://www.openssl.org/policies/secpolicy.html
Can the OTC ( OpenSSL Technical Committee [1] ) please have a
meeting and then issue a clear statement regarding section 14 of
the Coding Style document :
https://www.openssl.org/policies/technical/coding-style.html
Chapter 14: Portability
To maximise portability the version of C defined in
ISO/IEC 9899:1990 should be used. This is more commonly
referred to as C90. ISO/IEC 9899:1999 (also known as C99) is
not supported on some platforms that OpenSSL is used on and
therefore should be avoided.
There I see the use of the word "should" as opposed to "must".
The codebase has drifted and there are a very few places where an
honest attempt to comply with ISO/IEC 9899:1990 will fail. My intention
here is clarity of compliance statement such that portability is assured
in much the same way as the Curl/libCurl projects and a few others.
--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
[1] https://www.openssl.org/community/otc.html
More information about the openssl-users
mailing list