On Wed, Apr 09, 2025 at 09:34:39PM +0200, Theo Buehler wrote: > Here's the next iteration of our favorite behemoth. It's the LTS set to > replace 3.0 and it will be supported until 2030. I expect we'll want to > keep this while we watch OpenSSL 4.0 being inflicted on humanity. > > I am going to switch the default openssl to 3.4 in the 7.7 cycle and, > per usual, 3.5 will become the default during the 7.8 cycle. We'll > probably stop there and pause for a while. > > PQ + QUIC improvements and a BoringSSL-incompatible QUIC API for using > 3rd party QUIC stacks because compatibility would have meant work for > OpenSSL themselves rather than for all the downstreams. You'll easily > find ads on what other greatness this includes. > > As far as I'm concerned, the best news is that our asm patches are now > finally fully merged upstream. Thanks to sashan for doing the work. > > I tested this on amd64 with IBT, on aarch64 (no BTI) and sparc64. > > I'd appreciate a 'make test' on a BTI-capable aarch64 machine. riscv64 > would be nice as well. Tarball to be extracted from security/openssl.
Sorry, forgot to create a new tarball after I fixed the @conflict marker.
openssl-3.5.tgz
Description: application/tar-gz
