On 21/05/2019 16:43, Matt Caswell wrote:
> The OpenSSL project team would like to announce the forthcoming release
> of OpenSSL versions 1.1.1c, 1.1.0k and 1.0.2s.
> These releases will be made available on 28th May 2019 between approximately
> 1200-1600 UTC.
> OpenSSL 1.1.0k and 1.0.2s contain security hardening bug fixes only but do not
> address any CVEs. OpenSSL 1.1.1c is a bug-fix release (and contains the
> equivalent security hardening fixes as for 1.1.0k and 1.0.2s where relevant).

Correction to this announcement: OpenSSL 1.1.1c and OpenSSL 1.1.0k (released
yesterday) do not address any new CVEs. They do however contain a fix for a
previously announced low severity CVE (CVE-2019-1543). See the original security
advisory here:



Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to