Re: OpenSSL Security Advisory

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2023-03-23 at 09:45 -0400, rsbecker@xxxxxxxxxxxxx wrote:
> On Thursday, March 23, 2023 3:40 AM, Tomas Mraz wrote:
> > To: rsbecker@xxxxxxxxxxxxx; openssl-users
> > <openssl-users@xxxxxxxxxxx>
> > On Wed, 2023-03-22 at 15:12 -0400, rsbecker@xxxxxxxxxxxxx wrote:
> > > On Wednesday, March 22, 2023 11:50 AM Tomas Mraz wrote:
> > > <snip>
> > > > OpenSSL 3.1 users should upgrade to 3.1.1.
> > > > OpenSSL 3.0 users should upgrade to 3.0.9.
> > > > OpenSSL 1.1.1 users should upgrade to 1.1.1u.
> > > > OpenSSL 1.0.2 users should upgrade to 1.0.2zh (premium support
> > > > customers
> > > only).
> > > 
> > > Is there an ETA for 3.1.1, 3.0.9, 1.1.1u in the github repo?
> > 
> > There is no ETA for the next releases. Unless there is any issue of
> > severity higher
> > than Low we usually do a release in 3 months after the previous
> > patch release.
> 
> Thanks. I was confused by the phrasing of the above, regarding
> upgrading to the new releases that are not in the repo.

There is the `Once they are released:` paragraph just before these
sentences. Perhaps that is too confusing and we should simply drop
these sentences from the Low advisories?

-- 
Tomáš Mráz, OpenSSL





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux