git: 024991b83e - main - Website - Status: Add OpenSSL3 report

From: Sergio Carlavilla Delgado <>
Date: Thu, 28 Sep 2023 10:09:54 UTC
The branch main has been updated by carlavilla:


commit 024991b83e1501239f5e14a867604d9ea3bd063e
Author:     Pierre Pronchery <>
AuthorDate: 2023-09-28 10:08:41 +0000
Commit:     Sergio Carlavilla Delgado <>
CommitDate: 2023-09-28 10:08:41 +0000

    Website - Status: Add OpenSSL3 report
    Approved by:            salvadore@
    Pull Request: 
 .../en/status/report-2023-07-2023-09/openssl3.adoc     | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/website/content/en/status/report-2023-07-2023-09/openssl3.adoc b/website/content/en/status/report-2023-07-2023-09/openssl3.adoc
new file mode 100644
index 0000000000..ce05007fd5
--- /dev/null
+++ b/website/content/en/status/report-2023-07-2023-09/openssl3.adoc
@@ -0,0 +1,18 @@
+=== OpenSSL 3 in base - improved
+Links: +
+link:[OpenSSL Downloads] URL: link:[]
+Contact: Pierre Pronchery <>
+This is a follow-up to the link:[previous quarterly report] on the link:[integration of OpenSSL 3 into the base system].
+The most obvious update since the previous report is certainly the 3.0.10 and then 3.0.11 releases, fixing CVE issues with low to medium severity (link:[CVE-2023-2975], link:[CVE-2023-3446], link:[CVE-2023-3817], link:[CVE-2023-4807]).
+However this is not the only change, and this quarter some issues specific to the integration were fixed, most of which were found while building ports with OpenSSL 3 in the base system.
+This included:
+* Linking the engines and the legacy provider with the shared object, for proper visibility of symbols, and for which a link:[hack was required in the build system].
+* Correcting the list of source files for the FIPS provider.
+* Ensuring backward compatibility for the deprecated 0.9.8 API, which was notably helpful for the PAM authentication module from package:security/pam_ssh_agent_auth[], based on OpenSSH's man:ssh-agent[1] authentication mechanism.