1.1.1 is not susceptible to the CVE that is being fixed in 3.0:
/the forthcoming release of OpenSSL version 1.1.1s that is a *bug
fix* release/.
(highlight added).
Dr Paul Dale
On 26/10/22 22:17, Matan Giladi wrote:
Does 1.1.1s is going to include any security fix?
Can you please confirm that the critical issue found in 3.0.6 version is
irrelevant for 1.1.1?
-Original Message-
From: openssl-announce On Behalf Of Ing.
Martin Koci, MBA
Sent: Tuesday, October 25, 2022 21:36
To:openssl-annou...@openssl.org;openssl-us...@openssl.org;openssl-project@openssl.org;oss-secur...@lists.openwall.com
Subject: Forthcoming OpenSSL Bug Fix Release
Hello,
In addition to the already announced 3.0.7 release, the OpenSSL project team
would like to announce the forthcoming release of OpenSSL version 1.1.1s that
is a bug fix release.
This bug fix release will be made available on Tuesday 1st November 2022
between 1300-1700 UTC too.
Yours
The OpenSSL Project Team
Email secured by Check Point
Report
Phishing:https://mta-cnf.iaas.checkpoint.com/mta_feedback?id=b3dc9e6004806fac5adb86a1a47504d00416eb2590b631502621736f0652d7ea&ck=3D4CC6C8CB55;48DE55E160E5;C5CEAA199888;&v=m
Email secured by Check Point