OpenSSL: bump minimum required version to 1.0.2f

...in order to safely remove the obsolete OpenSSL flag SSL_OP_SINGLE_DH_USE.
author: Matthias Andree <matthias.andree@gmx.de> 2021-11-20 14:40:55 +0100
committer: Matthias Andree <matthias.andree@gmx.de> 2021-11-20 16:28:41 +0100
commit: 8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50 (patch)
tree: e0de0d444a5d9a81a39c368473ac9967c26a36c3 /NEWS
parent: 340d00bf9910ed55163be26435f70baf65a64f9d (diff)
download: fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.tar.gz
fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.tar.bz2
fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 85942474..f75000ce 100644
--- a/NEWS
+++ b/NEWS
@@ -92,10 +92,14 @@ removed from a 6.5.0 or newer release.)
 --------------------------------------------------------------------------------
 fetchmail-6.4.25 (not yet released):
 
-# CHANGES
+# BREAKING CHANGES
 * Since distributions continue patching for LibreSSL use, which cannot be
   linked legally, block out LibreSSL in configure.ac and socket.c, and
   refer to COPYING.
+* Bump OpenSSL version requirement to 1.0.2f in order to safely remove
+  the obsolete OpenSSL flag SSL_OP_SINGLE_DH_USE. 1.0.2f was a security fix
+  release, and 1.0.2u is publicly available from
+  https://www.openssl.org/source/old/1.0.2/
 
 --------------------------------------------------------------------------------
 fetchmail-6.4.24 (released 2021-11-20, 30218 LoC):
author	Matthias Andree <matthias.andree@gmx.de>	2021-11-20 14:40:55 +0100
committer	Matthias Andree <matthias.andree@gmx.de>	2021-11-20 16:28:41 +0100
commit	8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50 (patch)
tree	e0de0d444a5d9a81a39c368473ac9967c26a36c3 /NEWS
parent	340d00bf9910ed55163be26435f70baf65a64f9d (diff)
download	fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.tar.gz fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.tar.bz2 fetchmail-8fcffe46b231ddcc0305a36bf7f9aaf27c7e1a50.zip