OpenSSL Blog

The Holy Hand Grenade of Antioch


The OpenSSL Management Committee has been looking at the versioning scheme that is currently in use. Over the years we’ve received plenty of feedback about the “uniqueness” of this scheme, and it does cause some confusion for some users. We would like to adopt a more typical version numbering approach.

The current versioning scheme has this format:


The new scheme will have this format:


In practical terms our “letter” patch releases become patch numbers and “fix” is dropped from the concept. In future, API/ABI compatibility will only be guaranteed for the same MAJOR version number. Previously we guaranteed API/ABI compatibility across the same MAJOR.MINOR combination. This more closely aligns with the expectations of users who are familiar with semantic versioning. We are not at this stage directly adopting semantic versioning because it would mean changing our current LTS policies and practices.

The current 1.1.1 and 1.0.2 versioning scheme will remain unchanged.

The current development version (master branch) will be identified as version 3.0.0. The OpenSSL FIPS module currently under development will also follow this versioning scheme. We are skipping the 2.0.0 major version because the previous OpenSSL FIPS module has already used this number.

OpenSSL version 3.0.0 will be the first version that we release under the Apache License 2.0. We will not be applying the Apache License to earlier releases of OpenSSL.