[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: Forthcoming OpenSSL Bug Fix Release
From:       Dr Paul Dale <pauli () openssl ! org>
Date:       2022-10-26 22:41:42
Message-ID: b3783d0c-19d9-4381-41b2-66747da55c05 () openssl ! org
[Download RAW message or body]


1.1.1 is not susceptible to the CVE that is being fixed in 3.0:

    /the forthcoming release of OpenSSL version 1.1.1s that is a *bug
    fix* release/.

(highlight added).


Dr Paul Dale

On 26/10/22 22:17, Matan Giladi wrote:
> Does 1.1.1s is going to include any security fix?
> Can you please confirm that the critical issue found in 3.0.6 version is irrelevant for \
> 1.1.1? 
> -----Original Message-----
> From: openssl-announce<openssl-announce-bounces@openssl.org>  On Behalf Of Ing. Martin Koci, \
>                 MBA
> Sent: Tuesday, October 25, 2022 21:36
> To:openssl-announce@openssl.org;openssl-users@openssl.org;openssl-project@openssl.org;oss-security@lists.openwall.com
>                 
> Subject: Forthcoming OpenSSL Bug Fix Release
> 
> Hello,
> 
> In addition to the already announced 3.0.7 release, the OpenSSL project team would like to \
> announce the forthcoming release of OpenSSL version 1.1.1s that is a bug fix release. 
> This bug fix release will be made available on Tuesday 1st November 2022 between 1300-1700 \
> UTC too. 
> Yours
> The OpenSSL Project Team
> 
> 
> Email secured by Check Point
> Report Phishing:https://mta-cnf.iaas.checkpoint.com/mta_feedback?id=b3dc9e6004806fac5adb86a1a4 \
> 7504d00416eb2590b631502621736f0652d7ea&ck=3D4CC6C8CB55;48DE55E160E5;C5CEAA199888;&v=m 
> Email secured by Check Point



[prev in list] [next in list] [prev in thread] [next in thread]