Hi Sebastian, none of these releases were created yet as all the recent vulnerabilities fixed are of Low severity. However there will be new releases in near future (no concrete date set yet) because the previous releases were done almost 3 months ago. Regards, Tomas Mraz, OpenSSL On Mon, 2023-04-24 at 11:52 +0000, Sebastian Koerner wrote: > Hello openssl-users. > > https://www.openssl.org/news/vulnerabilities.html says > > CVE-2023-0465Invalid certificate policies in leaf certificates are > silently ignored [Low severity] 23 March 2023: [...] > * Fixed in OpenSSL 3.1.1 (git commit) (Affected since 3.1.0) > * Fixed in OpenSSL 3.0.9 (git commit) (Affected since 3.0.0) > * Fixed in OpenSSL 1.1.1u (git commit) (Affected since 1.1.1) > * Fixed in OpenSSL 1.0.2zh (Affected since 1.0.2) > However: I can't seem to find 1.1.1u for download. Is it released > yet? > -- Tomáš Mráz, OpenSSL
