On 12/01/16 22:43, Joe Flowers wrote: > Hello OpenSSL Developers, > > > I understand through your previous announcements that OpenSSL 0.9.8 is no longer "supported", and no more "security fixes", nor "security updates" will be provided by OpenSSL.org. > > > Does this mean that we can expect no more CVEs to be generated or listed for OpenSSL 0.9.8 also? Not supported means we will no longer being doing work on the 0.9.8 or 1.0.0 branches. This includes any analysis which may lead to a CVE assignment. Matt
