Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.5 and 1.1.1q.
These releases will be made available on Tuesday 5th July 2022 between 1300-1700 UTC. These are a security-fix releases. The highest severity issue fixed in 3.0.5 release is High, in 1.1.1q release Moderate: https://www.openssl.org/policies/secpolicy.html One of the issues fixed in the 3.0.5 release is the CVE-2022-2274 (Bug in RSA implementation for AVX512IFMA capable CPUs) which is already public: https://www.cve.org/CVERecord?id=CVE-2022-2274 A workaround for the issue is to set the environment variable OPENSSL_ia32cap to disable the AVX512IFMA based implementation: export OPENSSL_ia32cap=:~0x200000 Yours The OpenSSL Project Team
