SSB-2022-001 - OpenSSL Security Advisories - November 2022
Scalingo is aware of the recently reported issues regarding OpenSSL 3.0 (CVE-2022-3602 and CVE-2022-3786).
Scalingo services are not affected, and no customer action is required.
As a security best practice, we encourage customers who manage environments containing OpenSSL 3.0 to update to the latest version, available at https://www.openssl.org/source/ or via their operating system’s software update mechanism.
Scalingo Platform-As-A-Service base stacks do not ship with OpenSSL 3.0 and are not affected by these issues.
Scalingo DBaaS addons
Scalingo Database-As-A-Service base stacks do not ship with OpenSSL 3.0 and are not affected by these issues.
Other Scalingo addons and services
Other Scalingo Platform addons and features do not ship with OpenSSL 3.0 and are not affected by these issues.
2022-11-09 : Initial version