Hi Sahaj AFAIK this is a question for you to ask your chosen OS provider.
Postgres will be compiled against the system library (dynamic linking) therefore whether your version of OpenSSL has been patched against the vulnerability is a question for your OS provider, not Postgres. Unless of course you've installed your own version of OpenSSL, in which case you need to ask yourself. ;-) Laura ------- Original Message ------- On Wednesday, March 23rd, 2022 at 11:48, Sahaj Diwan <diwansa...@gmail.com> wrote: > Hi Team, > > Do we use openssl version 1.0.2, 1.1.1 or 3.0 in postgre 13.If yes then these > version are vulnerable CVE-2022-0778 which is now fixed in later ssl version. > > Regards,Sahaj