Download page is not showing latest version of 3.0/3.1/3.2 openssl #24424
-
as per details mentioned on https://www.openssl.org/news/vulnerabilities.html, you have fixed "CVE-2024-2511" in below listed version, but none of them are available to download on your download page - https://www.openssl.org/source/
from where should we procure above reported openssl version ? |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
These releases were not prepared yet. If you follow the link to the full text of the security advisory you will see the following paragraph: Due to the low severity of this issue we are not issuing new releases of We expect to prepare and publish these releases by the end of May. |
Beta Was this translation helpful? Give feedback.
-
Thanks @t8m for clarification, we will wait for the release. |
Beta Was this translation helpful? Give feedback.
These releases were not prepared yet.
If you follow the link to the full text of the security advisory you will see the following paragraph:
Due to the low severity of this issue we are not issuing new releases of
OpenSSL at this time. The fix will be included in the next releases when they
become available. The fix is also available in commit 53ea064 (for 3.3),
commit da343d0 (for 3.2), commit 9c39b38 (for 3.1) and commit 3559e86
(for 3.0) in the OpenSSL git repository.
We expect to prepare and publish these releases by the end of May.