I’ve noticed that in Gstreamer 1.24.3, the open ssl version is 1.1.1.19. That’s what I see when looking at the version info in libcrypto-1_1-x64.dll and libssl-1_1-x64.dll. But openssl is up to version 3.2: OpenSSL Announces OpenSSL 3.2 Alpha 1 - OpenSSL Blog. Furthermore, per OpenSSL 1.1.1 End of Life - OpenSSL Blog, the openssl 1.1.1 series reached EOL on 9/11/23. Can someone comment on if the latest versions of Gstreamer have adedquate openssl support?
You can track the progress of that here: WIP: openssl.recipe: Bump to 3.0.0 (!730) · Merge requests · GStreamer / cerbero · GitLab
Thank you. How much of a priority is it to get GStreamer up to date? My app which uses GStreamer just failed a security audit.
Like so many things open source, someone will get to it when someone gets to it I’m not aware of anyone actively working on it right now.
There are various consultancies that may be able to look into this on a commercial basis if it’s a show-stopper for you.
Otherwise you could try and progress the Merge Request I linked yourself of course, cerbero is open source after all.
Hi, what is involved in finishing the merge request?
See the checklist in the above-mentioned Merge Request.