* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 1.0.1e was released on Feb 11, 2013.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
documentation is included in each OpenSSL distribution under the docs
directory.
-For information on parts of libcrypto that are not yet documented, you
-might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
-predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much
-of this still applies to OpenSSL.
-
There is some documentation about certificate extensions and PKCS#12
in doc/openssl.txt
* I'm SURE I've found a bug, how do I report it?
+To avoid duplicated reports check the mailing lists and release notes for the
+relevant version of OpenSSL to see if the problem has been reported already.
+
Bug reports with no security implications should be sent to the request
tracker. This can be done by mailing the report to <rt@openssl.org> (or its
alias <openssl-bugs@openssl.org>), please note that messages sent to the
in a report please use one or more of the keys of the team members listed
at <URL: http://www.openssl.org/about/>
+Note that bugs only present in the openssl utility are not in general
+considered to be security issues.
+
[PROG] ========================================================================
* Is OpenSSL thread-safe?