New Question

Revision history [back]

click to hide/show revision 1
initial version

SSL CVE vulnerability

Hello, the latest release(1.1.4) of cloudbase-init for windows uses the SSL package version SSL 1.1.1q, which already contains more CVEs. https://www.openssl.org/news/vulnerabilities.html Is it possible to upgrade the package to SSL 3.1 in the new release of cloudbase-init? Or up to the most available version 1.1.1w with vulnerabilities fixed. And please tell me when the next release is planned?