VULNERABILITY : openssl OS Command Injection

[AlexQuei]

openssl OS Command Injection :

• Vulnerbility CVE-2022-2068, CVSS 9.8 CRITICAL

• Introduced by openssl@1.1.1n-0+deb11u2 and openssl/libssl1.1@1.1.1n-0+deb11u2

• Fixed in openssl@1.1.1n-0+deb11u3

We need this critical update to use the solution in docker. How long do you think you will need to update this vulnerability, @kochetkov-ma ?

Thanks for your time and thanks for your work on this solution. Really appreciate.

Best regards, Alexandre.

[kochetkov-ma]

3 days

[kochetkov-ma]

https://github.com/kochetkov-ma/allure-server/releases/tag/v2.11.1