Topic: New download using openssl 1.1.1q?

[jjaimez]

Will there be an upcoming release for Win64 that is built with OpenSSL 1.1.1q? There is a CVE that is out causing our network scanners to flag this as a vulnerable asset in our company and it requires an updated version for us to correct. Thank you for any info you can share with a timeframe (if available)

[admin]

See : https://www.apachelounge.com/viewtopic.php?t=8926

And : https://www.apachelounge.com/viewtopic.php?t=8925

[jjaimez]

I have seen those posts already and they did not help my situation but thank you for the reply. Do you know if there is a way or method to update the OpenSSL version I currently have running?

[admin]

What problem in your company is solved by using version q ?

[jjaimez]

Our network security scanning unit has detected CVE-2022-2097 against the server I support. It is not 32 bit but I am not sure the company cares about that. It appears they only want the issue resolved. Sorry for the delay in responding.

[kostya]

Is there a plan to release an updated build with 01.1.1w?

[Steffen]

No plans

[kostya]

So, the only way to get it is using CMake?

[Steffen]

OpenSSL 1.1.1 series has reached its End of Life (EOL). As such it will no longer receive publicly available security fixes.

[kostya]

Is there a way to update only the openssl version to latest 1.1.1w manually by changing specific files?