My key activities this month were: - triage of newly reported issues, investigating bugs, and responding to questions - participation on the meetings - Youtrack workflow refinements - participation on QUIC design and implementation - reviews of various PRs: - I've reviewed about 80 PRs this month - Notable PRs reviewed: - Priority queue #18274 - Make OSSL_LIB_CTX_load_config thread safe #18331 - providers/implementations/exchange/kdf_exch.c: Fix kdf_derive() #18533 - Add a DTLS next epoch test #18601 - Check for invalid PSS params before writing and use fixed width integer type in DER writer #18615
- submitted 20 PRs: - In particular: - Update expired SCT certificates #18444 - Use as small dh key size as possible to support the security #18480 - Fix BN_mod_exp_consttime so it does not produce unreduced result #18510 - The flag "decoded-from-explicit" must be imp/exportable #18609 - Initial prototype for SSL object refactoring #18612 - Avoid including decoder/encoder/store headers into fips module #18630 I also took 1 day off this month. -- Tomáš Mráz, OpenSSL