Hi, there is an upcoming OpenSSL scheduled for next TUE (2023-05-30) including one security fix of moderate severity [0]. For Bullseye I am going backport ~6 fixes (4 security fixes of minor severity which were not yet addressed, the upcoming fix and an alternative fix for CVE-2022-4304). _Later_ (once time permits) I would open a pu for Bullseye to include the final release (1.1.1u) since it only contains fixes.
For Bookworm I would much rather prefer to upload 3.0.9 to unstable and open a unblock bug for Bookworm. Looking at the history it contains 169 commits and only fixes which don't qualify as security issues. (Same for the 1.1.1 series but I would prefer to do some testing first and push it slowly via pu since it is much further behind (not that I expect anything to happen)). The Bookworm release is scheduled for the 10th and the announce mail claims that the unblock should happen on the 28th (tomorrow) at the latest. This will be hard to achieve given that my time machine is currently out of operation. This probably means that I need to upload to Bookworm-security unless there are exceptions. Are there other preferences/ suggestions from the release or security team? [0] https://mta.openssl.org/pipermail/openssl-announce/2023-May/000258.html Sebastian
