OpenSSL libs included in latest MS Store package reportedly vulnerable, deprecated v3.3.0

[danielvgoodsuite]

Files:

• libcrypto-3-x64.dll
• libssl-3-x64.dll

Issue:
Vulnerabilities exist in version 3.3.0 and this is getting flagged by Windows Defender as a security risk. Would it be possible to update these files to version 3.3.3 or 3.4?

[liulex]

OpenSSL 3.3.3 has not been released?

[danielvgoodsuite]

The 3.3 vulnerability page lists 3.3.3, but you're right, I don't see any releases for that version. It looks like they've released 3.4 as the latest version.

https://openssl-library.org/news/vulnerabilities-3.3/

Would it be possible to update to version 3.4?

[liulex]

Sure, I will upgrade to OpenSSL 3.4.0 in the next release. Thanks for the reminder!