No more security fixes for older OpenSSL branches

The OpenSSL Software Foundation has released new patches for the popular open-source cryptographic library, but for two of its older branches they will likely be the last security updates.

This could spell trouble for some enterprise applications that bundle the 0.9.8 or 1.0.0 versions of OpenSSL and for older systems — embedded devices in particular — where updates are rare.

OpenSSL 1.0.0t and 0.9.8zh, which were released Thursday, are expected to be the last updates because support for these these two branches will end on Dec. 31, as listed in the organization’s release strategy document.

To read this article in full or to leave a comment, please click here

Read more: No more security fixes for older OpenSSL branches

Story added 3. December 2015, content source with full text you can find at link above.