Closed VeteranCoder closed 1 year ago
Please do not assume that I am not aware of this issue. That is rude.
I apologize for offending. As a professional developer myself, I always figure that I should raise such issues if it is not already in the issue list. I use your product, btw. Is there an announcement I should have seen? Perhaps a public-facing backlog? A document for future release targets?
While I do not take offense, I would like to point out that it could be considered rude to rebuke someone who was only seeking to help, even if it only creates a check-list item to mark as done when implemented and released.
Give people some time. You are flagging an issue that is not even possible to fix yet. If someone does not fix it on their own after 2-3 days, then raise an issue. But prematurely filing an issue on a project, which is not even a company owned but a spare time project, feels rude to me.
To make issues more manageable, I would appreciate it if you fill out the following details as applicable:
General information
Device Independent, serious security flaw found in OpenSSL 3.x
Description of the issue
OpenSSL team announced a serious security flaw for which a patch is coming on 11/1/2022. They announced everyone must update ASAP due to the seriousness of the flaw. See OpenSSL warns of critical security vulnerability with upcoming patch.