Hello Raghavendra, If you click on the links you will see that these commits are actually present in the 3.3.3 release as the openssl-3.3.3 tag includes them. Kind regards, Tomas Mraz, OpenSSL On Mon, 2025-03-03 at 15:22 +0000, Prasad, PCRaghavendra wrote: > > > Hi Team, > > Need one help in understanding / need clarification as we are having > some confusion within the team about the fix status. > > We are using blackduck to check the vulnerabilities in our > application and here for one of the issues it shows that fix is > available and fixed in. > * > openssl-3.3 branch by this commit which is not yet included in any > release > This means that fix is not present in openssl 3.3.x ? why it is > mentioned as not yet included in any release? > > And in some cases, it is mentioned as > * openssl-3.3 branch by this commit. > > This also means fix is available in openssl 3.3.x ? or it will be > available in next release? > > > > > Thanks, > Raghavendra > > > Internal Use - Confidential -- Tomáš Mráz, OpenSSL -- You received this message because you are subscribed to the Google Groups "openssl-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx. To view this discussion visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/28662baa1b66cf8c37c8fd1dd7c3eecedd1fbcc8.camel%40openssl.org.
