The OpenSSL project is pleased to announce a major update to its FIPS 140-2 certificate #4282. The certificate now validates the FIPS provider built from the 3.0.8 release.

OpenSSL 3.0.8 is a maintenance release that addresses several bugs and CVEs in both the OpenSSL libraries and the FIPS provider. This update is particularly significant for the FIPS provider as it includes the remediation of two CVEs within its boundary. For more information on the resolved CVEs specific to the 3.0.8 FIPS provider, please visit our FIPS and CVEs news page.