OpenSSL bug

Gabor Gabanyi gabanyga at
Tue Nov 1 19:05:28 UTC 2022

Hi Scott,

Thanks.  Is the IdP affected by this OpenSSL vulnerability?


-------- Original Message --------
From: Cantor, Scott via users [mailto:users at]
Sent: Tuesday, November 1, 2022 at 12:05 PM EDT
To: users at <users at>
Cc: Cantor, Scott <cantor.2 at>
Subject: OpenSSL bug

> OpenSSL's critical advisory just dropped, and as expected I don't think the SP is particularly vulnerable but I was planning to go ahead and release 3.4 anyway out of caution (i.e. I need to update the libs on Windows so that's a good enough reason to go ahead and distribute a few other fixes).
> Don't see a need to rush it but should be out late today or tomorrow.
> -- Scott
> -- 
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to users-unsubscribe at

More information about the users mailing list