When I download percona-xtrabackup-8.0.35-30-Linux-x86_64.glibc2.17-minimal.tar.gz from the Software Downloads - Percona web page, from the URL:
It seems to contain OpenSSL related library files like libssl.so.1.0.2k and libcrypto.so.1.0.2k which are part of OpenSSL 1.0.2k
But according to the NIST National Vulnerability Database (CVE-2022-1292), OpenSSL 1.0.2k has a critical vulnerability and shouldn’t be used.
Any chance Percona will post an updated prebuilt version of Percona Xtrabackup online for download? (using more recent OpenSSL libraries)
Thanks
Ben