Fedora 37 Release Delayed To Mid-November Over Critical OpenSSL Vulnerability
The Red Hat Security Team has advised delaying Fedora 37 to allow time for mitigated OpenSSL packages to be made part of the F37 release images rather than shipping known vulnerable OpenSSL packages as part of F37 and expecting users to run the OS updates in a timely manner.
Details of this "critical" security vulnerability in OpenSSL aren't yet public but should see its embargo lifted next Tuesday. We'll see how nasty this latest OpenSSL vulnerability is on Tuesday but it's ranked critical and the Red Hat Product Security team advised in delaying Fedora 37.
So as announced today, Fedora 37 is aiming for release on 15 November. Fedora 37 if all had went well this cycle could have released as early as 18 October but prior release bugs delayed the release and now this OpenSSL headache for the security team. In any event, when Fedora 37 ships mid-November it should be a fantastic release. Fedora 37 has many exciting features including the latest GNOME 43 desktop, updated compiler toolchain components, retiring of ARMv7 support, a preview of the new Anaconda web-based installer, official support for the Raspberry Pi 4, and a whole lot more.