OpenSSL 3.0.7 & BoringSSL
361 views
Skip to first unread message
Adam Langley
Nov 1, 2022, 1:30:08 PM11/1/22
to Security-dev
Dear all,
We have received numerous inquiries about OpenSSL’s 3.0.7 release and would like to note that BoringSSL, as used in Chromium and Google’s production services, is not affected by the bugs fixed in OpenSSL 3.0.7, i.e. CVE-2022-3602 and CVE-2022-3786. Thus there is no need to update Chrome in response to these issues.
Thank you
AGL
We have received numerous inquiries about OpenSSL’s 3.0.7 release and would like to note that BoringSSL, as used in Chromium and Google’s production services, is not affected by the bugs fixed in OpenSSL 3.0.7, i.e. CVE-2022-3602 and CVE-2022-3786. Thus there is no need to update Chrome in response to these issues.
Thank you
AGL
Reply all
Reply to author
Forward
0 new messages