Hello,
We're using Oracle Linux 8.5 ova as a base for our plugin. OpenSSL library used in this release is signed as 1.1.1k which make it affected by following vulnerabilities:
Many of them are still present on OpenSSL 3.0.0, therefore i think even Oracle Linux 9.0 will need update of this library. My questions are:
1)Is there possibility, that Oracle will release Oracle Linux ova(!) with updated OpenSSL?
2)If not, is it possible, to change this library version in ova?
Kind regards,
Mikolaj