CVE-2026-28389: Windows installer still bundles vulnerable OpenSSL #10294

@GROSJ033

Describe the bug

Release 2.34.32 updated the bundled OpenSSL to 1.1.1zg for Linux installers, but the Windows MSI installer still ships with a vulnerable version of libssl-3.dll. Please apply the same OpenSSL update to the Windows build pipeline.

Regression Issue

  • Select this option if this issue appears to be a regression.

Expected Behavior

With Release 2.34.32 we expected the Windows Installer patch to be close behind.

Current Behavior

Vulnerability being reported as CVE-2026-28389

Reproduction Steps

NA

Possible Solution

No response

Additional Information/Context

No response

CLI version used

2.34.45

Environment details (OS name and version, etc.)

Windows Server 2019

Labels

bug, needs-triage
