Hi,

 

I am a maintainer for https://github.com/openenclave/openenclave. We include mbedtls 2.16 as a submodule in our project.

 

Reading the article below, it states that 2.16 support will last at least till Dec 2021. Will you continue to support 2.16 in 2022?

https://tls.mbed.org/tech-updates/blog/announcing-lts-branch-mbedtls-2.16

 

We are specifically interested in CVE fixes being backported to 2.16 and the timeframe where that will continue. Is there an updated timeline for this?

 

We do plan to upgrade to 3.0 in early 2022, but we anticipate that will take some effort due to breaking changes.

 

Thank you very much!

Radhika