Home > mailing lists

Re: Open SSL Version Query - Mailing list pgsql-general

From	Laura Smith
Subject	Re: Open SSL Version Query
Date	March 23, 2022 17:23:55
Msg-id	yVWAWG494oeCa71clO0AL4cH_7EjdlSTC5w-I7Cz1V4MJbrRat9paVy60cZYTQyYzP-cJIgX0tblit_9qkUTD0pg8y-o2Kn_nwzC-TGDWOs=@protonmail.ch Whole thread Raw
In response to	Open SSL Version Query (Sahaj Diwan <diwansahaj@gmail.com>)
List	pgsql-general

Tree view

Hi Sahaj

AFAIK this is a question for you to ask your chosen OS provider.

Postgres will be compiled against the system library (dynamic linking) therefore whether your version of OpenSSL has
beenpatched against the vulnerability is a question for your OS provider, not Postgres. 

Unless of course you've installed your own version of OpenSSL, in which case you need to ask yourself. ;-)

Laura

------- Original Message -------

On Wednesday, March 23rd, 2022 at 11:48, Sahaj Diwan <diwansahaj@gmail.com> wrote:

> Hi Team,
>
> Do we use openssl version 1.0.2, 1.1.1 or 3.0 in postgre 13.If yes then these version are vulnerable CVE-2022-0778
whichis now fixed in later ssl version. 
>
> Regards,Sahaj

pgsql-general by date:

From: Sahaj Diwan
Date: 23 March 2022, 14:48:27
Subject: Open SSL Version Query

From: Viliam Ďurina
Date: 23 March 2022, 19:56:09
Subject: Unexpected zero results

Re: Open SSL Version Query - Mailing list pgsql-general

Previous

Next