oss-security - Re: Forthcoming OpenSSL Releases

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Date: Mon, 31 Oct 2022 10:34:48 -0600
From: Bob Beck <bbe@...omium.org>
To: demi@...isiblethingslab.com
Cc: Roxana Bradescu <roxabee@...omium.org>, oss-security@...ts.openwall.com, 
	libressl-security@...nbsd.org
Subject: Re: Forthcoming OpenSSL Releases

On Mon, Oct 31, 2022 at 10:31 AM Bob Beck <beck@...use.com> wrote:

>
>
> Begin forwarded message:
>
> *From: *Demi Marie Obenour <demi@...isiblethingslab.com>
> *Subject: **Re: [oss-security] Forthcoming OpenSSL Releases*
> *Date: *October 29, 2022 at 2:19:41 PM MDT
> *To: *oss-security@...ts.openwall.com, Roxana Bradescu <
> roxabee@...omium.org>
> *Cc: *libressl-security@...nbsd.org
>
> On Sat, Oct 29, 2022 at 08:43:08AM -0400, Bob Beck wrote:
>
> Libressl is not vulnerable to the upcoming issue.
>
>
> Is the same true for BoringSSL?
> --
> Sincerely,
> Demi Marie Obenour (she/her/hers)
> Invisible Things Lab
>
>
BoringSSL is not based on OpenSSL 3.0, so it is not affected.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.