| From: | "Vibhu Chauhan (iDEAS-ER&D)" <vibhu(dot)chauhan(at)wipro(dot)com> |
|---|---|
| To: | "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | OpenSSL v1.1.1n in postgres |
| Date: | 2022-03-26 17:32:12 |
| Message-ID: | TYZPR03MB61083FA623BE6FF1580A1B11F01B9@TYZPR03MB6108.apcprd03.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Hi Postgres support,
In one security scan we found that OpenSSL v1.1.1k is vulnerable which is sub-component of postgres 13.3. From below link we came to know that affected OpenSSL version 1.1.1k is fixed in 1.1.1n version. We wanted to know which postgres version having this fix version of OpenSSL? And is there any steps to mitigate the risk of version 1.1.1k?
https://www.cvedetails.com/cve/CVE-2022-0778/
[cid:image001(dot)png(at)01D84165(dot)82EAFC10]
Thanks & Regards,
Vibhu Chauhan
Mob- (+91) 9610155774
Internal to Wipro
'The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com'
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2022-03-26 20:32:19 | Re: OpenSSL v1.1.1n in postgres |
| Previous Message | Michael Paquier | 2022-03-26 11:33:48 | Re: BUG #17448: In Windows 10, version 1703 and later, huge_pages doesn't work. |