It appears that in 5.6, OpenSSL 1.1.1t is still used. https://openssl-corporation.org/post/2023-09-11-eol-111/ states that OpenSSL’s 1.1.1 branch is end-of-life and is no longer receiving publicly available security fixes as of nearly two years ago, and https://openssl-library.org/news/vulnerabilities-1.1.1/ indicates that there are 14 published CVEs for this version of OpenSSL.
What are Epic’s plans regarding versions of OpenSSL in future versions Of UE, please? We would ideally like to see UE quickly move onto a currently supported version of OpenSSL such as 3.5, which is an LTS version and will be supported until 2030 according to https://openssl-library.org/roadmap/index.html .