OpenSSL 1.1.1 series has reached its End of Life (EOL). As such it will no longer receive publicly available security fixes.
OpenSSL 1.1.1 was released on 11th September 2018 as a Long Term Support (LTS) release. LTS lasts five years and consequently OpenSSL 1.1.1 has reached its EOL as of today, 11th September 2023.
If your copy of OpenSSL 1.1.1 is from an Operating System vendor (e.g. via
.deb packages) or another third party then the support periods
for them may differ to those provided by the OpenSSL Project itself.
Check with the OS vendor/other third party on what support for OpenSSL
If you downloaded your copy of OpenSSL 1.1.1 direct from the OpenSSL project then it is time to upgrade to a more recent version. Our most recent version is OpenSSL 3.1 which will be supported until 14th March 2025. Also available is OpenSSL 3.0 which is an LTS release and will be supported until 7th September 2026. Our migration guide provides useful information on the issues to consider when upgrading.
Another option is to purchase a premium support contract which offers extended support (i.e. ongoing access to security fixes) for 1.1.1 beyond its public EOL date. There is no defined end date for this extended support and we intend to continue to provide it for as long as it remains commercially viable for us to do so (i.e. for the foreseeable future). Further information is available on our support contracts page. Email firstname.lastname@example.org for further information.