> the german bureau for IT-Security "BSI" (Bundesamt für Sicherheit in der Informationstechnik) has issued a warning
forCVE CVE-2022-42889 with the name commons-text. Insurance companies are obliged to analyse the installed software for
vulnerabilitiesof this type.
As the Barmenia is using your product PostgreSQL Server it is necessary to obtain all information regarding any
vulnerabilityagainst above CVE.
We kindly ask you to provide information if the above product is affected by the CVE and if yes, when a fix will be
available.
> With the request for short-term feedback.
It might be prudent for Barmenia, a large insurance company, to consider
purchasing commercial support rather than requesting short-term feedback
from volunteers.
Other than that there's also excellent documentation and freely
inspectable source code.
Best regards,
Karsten
