As part of the OpenSSL project’s commitment to deliver a secure and high quality
cryptography toolkit, we routinely apply fuzzing to the OpenSSL codebase, which
searches automatically for potential bugs in upcoming OpenSSL releases. This
fuzzing process runs continuously and on an ongoing basis and as such, bugs can
be identified by our fuzzing infrastructure at any time.
Due to a small number of bugs which have been identified by the ongoing use of
fuzzing, the OpenSSL Project has made the decision to postpone the final release
of OpenSSL 3.2 by at least a week. While we have promptly fixed all bugs
presently identified by fuzzing, to ensure the quality of OpenSSL 3.2, we do not
intend to make the final release until all issues identified by fuzzing have
been addressed and no new issues are found for one week. As a result, we have
pushed the full release of OpenSSL 3.2 to the 23rd November 2023. Please stay
tuned to our blog for more details on the matter.
In the meantime, the OpenSSL 3.2 Beta is
currently available. We encourage all OpenSSL users to build and test against
the beta release and provide feedback.
OpenSSL 3.2 will be our last release before we transition to a time-based
release schedule
on a 6-month cadence, with regular feature releases in October and April each
year.
A complete summary of the major new features and significant changes in OpenSSL
3.2 can be found in the NEWS file;
a more detailed list of changes in OpenSSL 3.2 can be found in the
CHANGES file on
GitHub.
Please download OpenSSL 3.2 beta1 from here
and let us know about any problems you encounter by opening an issue at our
GitHub page.
Feedback from the community and your involvement in testing external
applications against the next version of OpenSSL is crucial to the continued
quality of the OpenSSL releases. Please get in touch with us at
feedback@openssl.org or on GitHub
Discussions