From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: Forthcoming OpenSSL Releases Date: Wed, 24 May 2023 10:02:11 +0100 Message-ID: <8DF27C56-97B2-40B5-BCD6-9EDCCA433A76@ipfire.org> In-Reply-To: <2c3addb2-69e3-f0de-2ac9-58268c9650eb@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6491561999012912350==" List-Id: --===============6491561999012912350== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello, > On 24 May 2023, at 09:47, Adolf Belka wrote: >=20 > Hi Michael, >=20 > On 24/05/2023 10:07, Michael Tremer wrote: >> It looks like we might not want to release the forthcoming Core Update bef= ore this. >>=20 >> I did not hear any rumours about what might be the issue, but I would say = that it wouldn=E2=80=99t hurt us to wait. >>=20 >> What other outstanding issues do we have that are currently blocking the u= pdate? >>=20 > The fix for Bug#13117 has been merged into master so that is no longer bloc= king. >=20 > As mentioned to Peter, I recommend reverting my fix for Bug#11048 as some i= ssues were found by myself (missed in my own testing) plus from other testers= reporting in the forum. I am making progress on this but there are still som= e bits outstanding. The bug has been around for a long time so it won't hurt = for it to wait till Core Update 176. Okay. Let=E2=80=99s rather have the right fix than a quick one. I agree! > I haven't found anything else that was a problem and I haven't seen any oth= er issues mentioned in the forum that look to be caused by CU175. That sounds good then! > Regards, > Adolf. >> -Michael >>=20 >>> Begin forwarded message: >>>=20 >>> From: Tomas Mraz >>> Subject: Forthcoming OpenSSL Releases >>> Date: 24 May 2023 at 05:06:12 BST >>> To: "openssl-project(a)openssl.org" , "ope= nssl-users(a)openssl.org" , openssl-announce(a)o= penssl.org >>> Reply-To: openssl-users(a)openssl.org >>>=20 >>> The OpenSSL project team would like to announce the forthcoming release >>> of OpenSSL versions 3.0.9, 1.1.1u and 1.0.2zh. Note that OpenSSL 1.0.2=20 >>> is End Of Life and so 1.0.2zh will be available to premium support=20 >>> customers only. >>>=20 >>> These releases will be made available on Tuesday 30th May 2023=20 >>> between 1300-1700 UTC. >>>=20 >>> These are security-fix releases. The highest severity issue fixed in=20 >>> each of these three releases is Moderate: >>>=20 >>> https://www.openssl.org/policies/secpolicy.html >>>=20 >>> Yours >>> The OpenSSL Project Team >>>=20 >>=20 >=20 > --=20 > Sent from my laptop --===============6491561999012912350==--