OpenSSL version numbers are formatted as n1.n2.n3x, where n1-3 are numbers and x, if present, is one or more letters. These can change depending on the release type:
- Major releases that change one/both of the first two digits, which can break compatibility with previous versions
- Minor releases that change the last digit, e.g. 1.1.0 vs. 1.1.1, can and are likely to contain new features, but in a way that does not break binary compatibility. This means that an application compiled and dynamically linked with 1.1.0 does not need to be recompiled when the shared library is updated to 1.1.1. It should be noted that some features are transparent to the application such as the maximum negotiated TLS version and cipher suites, performance improvements and so on. There is no need to recompile applications to benefit from these features.
- Letter releases, such as 1.0.2a, exclusively contain bug and security fixes and no new features.
The full release strategy for OpenSSL is available here
Finding the current version
The command line tool version can be used to determine the installed OpenSSL version.
Header file opensslv.h also contains information about the version number.