![upgrade my mac tsl to 1.2 upgrade my mac tsl to 1.2](https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/media/tls-certificate-properties.png)
![upgrade my mac tsl to 1.2 upgrade my mac tsl to 1.2](https://d1smxttentwwqu.cloudfront.net/wp-content/uploads/2020/08/chrome-windows-tls1.0-advanced.png)
OS X has a command line tool openssl which reports that it is running OpenSSL 1.0.2d of 9 July 2015, just the same as OS X 10.11.3 did, and according to OpenSSL suffering the serious vulnerability. The current stable versions of OpenSSL are 1.0.1s and 1.0.2g, which address the serious vulnerability detailed here. For OpenSSL the version numbers are even more worring: according to the security notes, OS X 10.11.4 released on 21 March 2016 has version 0.9.8zh, whose support was discontinued at the end of 2015 and “should not be used” according to OpenSSL.
![upgrade my mac tsl to 1.2 upgrade my mac tsl to 1.2](https://www.cloudinsidr.com/content/wp-content/uploads/2018/05/https-3344700.jpg)
LibreSSL 2.1.8 is relatively recent, having been released on 15 October 2015 the current version is 2.2.6, though. I was therefore a little surprised to read that, among the many security fixes in OS X 10.11.4, LibreSSL was updated to version 2.1.8, and OpenSSL to 0.9.8zh. In 2014, LibreSSL was forked from OpenSSL, and with El Capitan Apple has opted to use LibreSSL while still providing OpenSSL. In recent years, a succession of vulnerabilities have been discovered in the most popular open source implementation OpenSSL, resulting in a fairly rapid ascent of version numbers. Secure internet connections, using what used to be the Secure Sockets Layer (SSL) but has now been superceded by Transport Layer Security (TLS), are vital to OS X: they do the donkey work for HTTPS connections, and provide extensive cryptographic and related functions to many apps.