Plans on security issues with OpenSSL 1.1.1 after September 2023?

To: debian-devel@lists.debian.org
Subject: Plans on security issues with OpenSSL 1.1.1 after September 2023?
From: deb251@lewenberg.com
Date: Mon, 3 Apr 2023 19:17:29 -0700
Message-id: <[🔎] 2cd2063c-431b-549c-f181-1c3039f03904@lewenberg.com>
Reply-to: deb251@lewenberg.com

On 2023-09-11 version 1.1.1 of OpenSSL will no longer get any fixes. Toquote from their recent posting(https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/):

"[OpenSSL 1.1.1] will no longer be receiving publicly available securityfixes after that date."

Debian bullseye does not reach its EOL until mid-2024. Between September2024 and bullseye's EOL, if a security issue comes up with OpenSSL1.1.1, what can we expect from Debian's openssl package maintainers?

Reply to:

Prev by Date: Bug#1033925: ITP: png2svg -- CLI utility for converting small PNG images to SVG Tiny 1.2
Next by Date: Bug#1033934: ITP: puppet-module-voxpupuli-kmod -- Puppet module for manipulating modprobe and kernel modules
Previous by thread: Bug#1033925: ITP: png2svg -- CLI utility for converting small PNG images to SVG Tiny 1.2
Next by thread: Bug#1033934: ITP: puppet-module-voxpupuli-kmod -- Puppet module for manipulating modprobe and kernel modules
Index(es):
- Date
- Thread