From 5c49ed857af685f175b6f13df7ac76fd373ce2fb Mon Sep 17 00:00:00 2001
From: Matthias Andree <matthias.andree@gmx.de>
Date: Wed, 31 Jan 2024 21:21:25 +0100
Subject: Tighten OpenSSL/wolfSSL version requirements.

---
 NEWS | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'NEWS')

diff --git a/NEWS b/NEWS
index 46bfa764..10a5330c 100644
--- a/NEWS
+++ b/NEWS
@@ -102,6 +102,17 @@ removed from a 6.5.0 or newer release.)
 --------------------------------------------------------------------------------
 fetchmail-6.4.38 (not yet released):
 
+# BREAKING CHANGES:
+* Tighten OpenSSL and wolfSSL version requirements again. See README.SSL.
+  Distributors providing older versions that they backport security fixes for 
+  may want to patch socket.c but remember to redirect support to your 
+  distribution's support channels.
+  The fetchmail maintainer only supports functionally unmodified builds with 
+  publicly available SSL/TLS library versions.
+  fetchmail will refuse to build against OpenSSL 1.0.2 older than 1.0.2u,
+  or wolfSSL older than 5.6.2. It will warn about OpenSSL older than 3.0.9,
+  or between 3.1.0 and 3.1.4, or wolfSSL older than 5.6.6.
+
 # TRANSLATIONS: language translations were updated by these fine people:
 (in reverse alphabetical order of language codes):
 * ru:    Kirill Isakov [Russian]
-- 
cgit v1.2.3