> the german bureau for IT-Security "BSI" (Bundesamt für Sicherheit in der > Informationstechnik) has issued a warning for CVE CVE-2022-42889 with the > name commons-text. Insurance companies are obliged to analyse the installed > software for vulnerabilities of this type. As the Barmenia is using your product PostgreSQL Server it is necessary to obtain all information regarding any vulnerability against above CVE. We kindly ask you to provide information if the above product is affected by the CVE and if yes, when a fix will be available. > With the request for short-term feedback.
It might be prudent for Barmenia, a large insurance company, to consider purchasing commercial support rather than requesting short-term feedback from volunteers. Other than that there's also excellent documentation and freely inspectable source code. Best regards, Karsten
