> Yes, because it's patched source and also there is no openssl in the archive
> that's built for a standalone target, which edk2 must be. See
> CryptoPkg/Library/OpensslLib/EDKII_openssl-1.0.2h.patch for the current
> patch against upstream openssl source.

You're actually shipping openssl 1.1.0 now, and the changelog says it's now unpatched.

Kurt