Skip to content
July 1, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Technology
  • OpenSSL change development strategy: switch to the GitHub issue to discuss the patch
  • Technology

OpenSSL change development strategy: switch to the GitHub issue to discuss the patch

Do Son January 22, 2018 2 minutes read
Add as a preferred
source on Google

OpenSSL development team announced some changes in the project development strategy. This includes closing the openssl-dev list and choosing to discuss all the patches on GitHub. In addition, a new read-only mailing list, openssl-project for users worldwide, was added.

They also said they are changing the release schedule, so unless there is an emergency, the security update will be released on Tuesday, the pre-announcement last Tuesday. The team said they did not think it necessary to sacrifice their weekend time for every single CVE leak.

Image: linuxjust4u

For technical debt, in addition to the issue on GitHub, the code is also refactored to make it cleaner and contains fewer errors. They recently added PACKET and WPACKET APIs to libssl to make the code clearer and to avoid handlers’ code-handling errors such as forgetting to check the buffer length. The development team also built a new “technical-debt” tag on GitHub to tag content about technology debt.

Regarding the OpenSSL roadmap, the development team said they are still committed to making TLS 1.3 a major feature of the next release. Of course, this has to wait for the IETF to finish it. In addition, they will also change the open source license in the next release. The next major feature behind OpenSSL 1.1.1 will be FIPS.

Reference: openssl

Related coverage

  • OpenAI Postpones Open-Weight AI Model Release Over Security Fears; WindSurf Acquisition Collapses
  • Agentic Evolution: Lenovo Unveils “Qira” and AI Cloud Gigafactories at CES 2026
  • Broadcom’s Game-Changing Move: VMware Fusion and Workstation Now Free for All Users
  • Microsoft Warns of High CPU Usage in Classic Outlook
  • The Silver Jubilee: Wikipedia Inks Landmark AI Deals with Meta, Microsoft, and Amazon

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: openssl

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-48558CVSS 10.0
    SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
    Admin intelCISA KEV📅 Added to KEV: Jun 29, 2026📅 Updated: Jun 29, 2026
  • CVE-2026-46817CVSS 9.8
    Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
    Admin intel📅 Updated: Jun 29, 2026
  • CVE-2026-28496CVSS 9.4
    FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
    Admin intel📅 Updated: Jun 25, 2026
  • CVE-2026-12569
    A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
    CISA KEV📅 Added to KEV: Jun 25, 2026
  • CVE-2025-67038CVSS 9.8
    An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
    CISA KEV📅 Added to KEV: Jun 23, 2026
  • CVE-2026-34908CVSS 10.0
    A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
    CISA KEV📅 Added to KEV: Jun 23, 2026
  • CVE-2026-34909CVSS 10.0
    A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
    CISA KEV📅 Added to KEV: Jun 23, 2026
  • CVE-2026-34910CVSS 10.0
    A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
    CISA KEV📅 Added to KEV: Jun 23, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-11387CVSS 9.8
    The SMS Alert – SMS & OTP for WooCommerce, Order Notifications &...
  • CVE-2026-10539CVSS 9.0
    A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input....
  • CVE-2026-7839CVSS 9.1
    UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded...
  • CVE-2026-6070CVSS 9.1
    The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion...
  • CVE-2026-7840CVSS 9.8
    UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded...
  • CVE-2026-56700CVSS 9.8
    Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls...
  • CVE-2026-56278CVSS 9.1
    Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses a weak hardcoded...
  • CVE-2026-50003CVSS 9.8
    A malicious or compromised server can make a DCMTK client using bit-preserving...
  • CVE-2026-58449CVSS 9.8
    txtai through 9.10.0, fixed in commit 11b32da, exposes an API /reindex endpoint...
  • CVE-2026-7874CVSS 9.1
    IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow disclosure of all...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.