I got an email by Heroku which informs about a security issue with OpenSSL 3 to 3.0.6. Is Strapi 3 affected from that issue? If so, will there be a v3 update that fixes that issue?
I don’t think it’s STRAPI itself that is effected but rather the infrastructure you are using, or a commonly used nodeJS library that needs to be updated.
So this also then depends on how you are hosting your version
I am not sure if it has authentication features, but if so, wouldn’t it be plausible to assume that Strapi3 ships with openssl? (I am not a developer…)
Strapi itself doesn’t ship with it.
The os it runs on, will
1 Like