The OpenSSL project is pleased to announce an update to its FIPS 140-2
certificate #4282. The certificate now validates the FIPS
provider built from the 3.0.8 and 3.0.9 releases.
The OpenSSL 3.0.9 maintenance release fixed the Low severity security issue
CVE-2023-1255 which affects the FIPS module when running on ARM 64 bit
platforms. For this reason the 3.0.9 version was submitted for validation and
the updated FIPS certificate is now available.
For more information on the resolved CVEs specific to the FIPS provider,
please visit our FIPS and CVEs news page.
This article has been indexed from OpenSSL Blog