Re: Expected OpenSSL versions in 14-stable and 15-current

In reply to: Enji Cooper (yaneurabeya): "Re: Expected OpenSSL versions in 14-stable and 15-current"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Mon, 17 Mar 2025 10:37:14 UTC

Van: "Enji Cooper (yaneurabeya)" <yaneurabeya@gmail.com>
Datum: maandag, 17 maart 2025 02:34
Aan: Minsoo Choo <minsoochoo0122@proton.me>
CC: FreeBSD CURRENT <freebsd-current@freebsd.org>
Onderwerp: Re: Expected OpenSSL versions in 14-stable and 15-current
> 
> > On Mar 12, 2025, at 4:19PM, Minsoo Choo <minsoochoo0122@proton.me> wrote:
> >
> > OpenSSL 3.5 LTS alpha has been just released [1]. The expected EOL date of OpenSSL 3.0 LTS is September 7th 2026 [2]. FreeBSD 15 is expected to be release in December 2025, and FreeBSD 14.5 is expected to be released in September 2026. 14-stable will be see its EOL on November 30th, 2028 [3].
> >
> > Will FreeBSD 15 contain OpenSSL 3.5 LTS in this December? And for 14-stable, will it have upgrade to OpenSSL 3.5 LTS before FreeBSD 14.5 or just maintain 3.0 LTS with our own bug/security fixes until 14-stable's end-of-life date?
> >
> > [1] https://github.com/openssl/openssl/releases/tag/openssl-3.5.0-alpha1
> > [2] https://en.wikipedia.org/wiki/OpenSSL#Major_version_releases
> > [3] https://www.freebsd.org/security/#sup
> 
> Hi Minsoo,
>     It makes sense to upgrade to 3.5 on CURRENT, but I don’t think we can do that on STABLE branches because of ABI/KBI compatibility guarantees.
> Cheers,
> -Enji
> 
> 
> 


According to the OpenSSL versioning definition[1] the change from 3.0 to 3.5 is a minor version change which only does "API/ABI compatible feature releases".
Although I think it is wise to first update CURRENT and learn from what the project encounters when doing that action before deciding about 14-stable.

[1] https://openssl-library.org/policies/releasestrat/index.html

Regards,
Ronald.