OpenSSL version 1.1.1f published

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1f released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1f of our open

Re: 1.1.1f

I don't see why we hurry so much for 1.1.1f > > we got into this situation because everything moves so quickly, > why does everyone here think we should move even faster now? > > What is the reason for this? > > Bernd. > >> Tim. >> >> On Fri, 27 Mar 2020,

Re: 1.1.1f

There seems to be broad support for a 1.1.1f release. Unless I hear an OMC objection I will formally announce this tomorrow. Matt On 27/03/2020 00:10, Viktor Dukhovni wrote: > On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote: > >> On 26/03/2020 23:15, Viktor Du

Re: 1.1.1f

On Thu, Mar 26, 2020 at 11:33:40PM +, Matt Caswell wrote: > On 26/03/2020 23:15, Viktor Dukhovni wrote: > > On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > > > >> we got into this situation because everything moves so quickly, > >> why does everyone here think we should

Re: 1.1.1f

On 26/03/2020 23:15, Viktor Dukhovni wrote: > On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > >> we got into this situation because everything moves so quickly, >> why does everyone here think we should move even faster now? >> >> What is the reason for this? > > We've

Re: 1.1.1f

On Thu, Mar 26, 2020 at 09:13:32PM +0100, Bernd Edlinger wrote: > we got into this situation because everything moves so quickly, > why does everyone here think we should move even faster now? > > What is the reason for this? We've published a bug-fix release (1.1.1e) that's liable to cause

Re: 1.1.1f

On 3/26/20 9:10 PM, Tim Hudson wrote: > We don't guarantee constant time. > #11411 does, I don't see why we hurry so much for 1.1.1f we got into this situation because everything moves so quickly, why does everyone here think we should move even faster now? What is the

Re: 1.1.1f

Todd wrote: > >>> This type of API-braking change should be reserved for something like > >>> 3.0, not a patch release. > >>> > >>> Despite it being a "incorrect", it is expected behavior. > >>> > >> > >> Right

Re: 1.1.1f

t;>> Despite it being a "incorrect", it is expected behavior. >>> >> >> Right - but the question now is not whether we should revert it (it has >> been reverted) - but whether this should trigger a 1.1.1f release soon? >> >> Matt >>

Re: 1.1.1f

revert it (it has > been reverted) - but whether this should trigger a 1.1.1f release soon? > > Matt > > > -- > > -Todd Short > > // tsh...@akamai.com <mailto:tsh...@akamai.com> > > // “One if by land, two if by sea, three if by the Internet." > &g

Re: 1.1.1f

it (it has been reverted) - but whether this should trigger a 1.1.1f release soon? Matt > -- > -Todd Short > // tsh...@akamai.com <mailto:tsh...@akamai.com> > // “One if by land, two if by sea, three if by the Internet." > >> On Mar 26, 2020, at 11:03 AM, Dr. M

Re: 1.1.1f

gt; > > From: openssl-project On Behalf Of > Dmitry Belyavsky > Sent: Thursday, March 26, 2020 3:48 PM > To: Matt Caswell > Cc: openssl-project@openssl.org > Subject: Re: 1.1.1f > > > On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell <mailto:m...@opens

Re: 1.1.1f

bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > How about adding #11411 constant time AES no-asm support then? that should be safe, as it is something that is not enabled by default. > Matt >

RE: 1.1.1f

> Please also consider reverting the change for the 3.0 alpha release as well, > see Daniel Stenbergs comment > https://github.com/openssl/openssl/issues/11378#issuecomment-603730581 Never mind my last comment. I noticed a lot of discussion has been going on in issue #11378 and I was not quite

RE: 1.1.1f

:48 PM To: Matt Caswell Cc: openssl-project@openssl.org Subject: Re: 1.1.1f On Thu, Mar 26, 2020 at 5:14 PM Matt Caswell mailto:m...@openssl.org>> wrote: The EOF issue (https://github.com/openssl/openssl/issues/11378) has resulted in us reverting the original EOF change in the 1.1.1 branch

Re: 1.1.1f

ken quite a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > I strongly support this idea. -- SY, Dmitry Belyavsky

Re: 1.1.1f

ve broken quite a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? I think my opinion is clear from the discussions in GitHub. But for the record: Yes, I agree with it, unless we know of anything major just ahead. -- Tomáš Mráz No matte

Re: 1.1.1f

a bit of stuff, I propose > that we do a 1.1.1f soon (possibly next Tuesday - 31st March). > > Thoughts? > slow down? > Matt >

1.1.1f

The EOF issue (https://github.com/openssl/openssl/issues/11378) has resulted in us reverting the original EOF change in the 1.1.1 branch (https://github.com/openssl/openssl/pull/11400). Given that this seems to have broken quite a bit of stuff, I propose that we do a 1.1.1f soon (possibly next