I've done a review of the 1.1.1 release criteria against the current status. See below.
TL;DR summary: Status is generally good. There are some outstanding issues and PRs that need input from various people. Specifically there are actions for: @levitte, @paulidale, @dot-asm, @mspncp, @t-j-h Criteria: All open github issues/PRs older than 2 weeks at the time of release to be assessed for relevance to 1.1.1. Any flagged with the 1.1.1 milestone to be closed Status: There are currently 7 open issues flagged against 1.1.1. Of these 1 has had a fix merged and we're awaiting confirmation that the fix has worked. 2 have fixes available in currently open PRs. The remaining 4 are: 6490: Reuse of PSKs between TLS 1.2 and TLS 1.3 is questionable This is the subject of current IETF TLS WG debate. One option is to simply disable TLS1.3 if 1.2 PSKs are in use. 5944: Policy issue: TLSv1.3 makes upgrade without program modification impossible I think this can be closed, but I'd like @levitte to confirm 3901: pthread_atfork for android API < 21 It's unclear to me what needs to be done here. 3254: flaws in OpenSSL-1.1.1-dev builds on Windows I'm not sure what the next step is. @levitte probably needs to take another look. There are 8 currently open PRs flagged against 1.1.1. 3 of these are new (within the last couple of days). The remaining 5 older ones are: 6694: Update sm2_crypt.c We're waiting on a CLA or confirmation of triviality. Also @paulidale had a comment, which has been responded to. Not sure if it was a satisfactory answer (@paulidale should probably check). 6623: Fix potential NULL pointer dereference in EVP "int_ctx_new" It's unclear what needs to happen next. 6596: crypto/o_fopen.c: alias fopen to fopen64 @t-j-h made a comment...awaiting a response from @dot-asm 6075: Increase number of MR tests for RSA prime generation Waiting on review comments from @mspncp 5035: Recreate OS390-Unix Awaiting input from @t-j-h. It's not clear to me if this issue justifies the 1.1.1 label? I think OS390 is an issue even in 1.1.0? Criteria: Clean builds in Travis and Appveyor for two days Status: Both Travis and Appveyor are currently clean. Criteria: run-checker.sh to be showing as clean 2 days before release Status: run-checker is currently clean. Criteria: No open Coverity issues (not flagged as "False Positive" or "Ignore") Status: There is one currently open Coverity issue not flagged as "false positive" or "ignore". This issue has been fixed, and should be cleared the next time coverity is updated. Criteria: TLSv1.3 RFC published (with at least one beta release after the publication) Status: The RFC number will be 8446. The RFC Editor has done the first pass editing, and those edits are being reviewed by ekr. See https://github.com/tlswg/tls13-rfc. From our perspective we are ready to apply the final RFC updates as soon as it is published (see PR 6741), so we should be able to do the final beta release shortly afterwards. Matt _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
