OpenSSL version update

Edward Sandberg ed.sandberg at adventiumlabs.com
Tue Dec 18 20:37:54 CET 2018


On 12/18/18 1:59 AM, Christian Helmuth wrote:
> With his work on issue 3039 [1] Josef Söntgen updated openssl to
> 1.0.2q (commits are already on the staging branch). It was not
> required to adapt curl or libssh in any way for this. As 1.0.2q has
> the same security patch level as 1.1.0j I wonder about your
> requirements for the 1.1 branch. Could you tell us more or maybe your
> application could also be satisfied by a recent 1.0 version?

On [1] it says:

  "The latest stable version is the 1.1.1 series. This is also
  our Long Term Support (LTS) version... All users of 1.0.2 and
  1.1.0 are encouraged to upgrade to 1.1.1 as soon as possible."

and on [2] it says:

  "OpenSSL 1.1.1 is API and ABI compliant with OpenSSL 1.1.0 so
  most applications that work with 1.1.0 can gain many of the
  benefits of TLSv1.3 simply by dropping in the new OpenSSL
  version."

Our main goals are to stay on a LTS version and to utilize TLSv1.3 so
stepping to 1.1.0 was more useful to us in the long term than
stepping to 1.0.2.

[1] https://www.openssl.org/source/
[2] https://www.openssl.org/blog/blog/2018/09/11/release111/

-- 
Edward Sandberg
Adventium Labs
111 3rd Avenue S. Suite #100
Minneapolis, MN 55401
ed.sandberg at adventiumlabs.com



More information about the users mailing list