Gitlab upgrade : CVE-2021-23214 (postgresql)

on my instance of gitlab (gitlab 14.7.7 on premise on a redhat 7 server), I am using the embaded postgresql server 12.7.
There is a CVE (CVE-2021-2321 : Red Hat Customer Portal - Access to 24x7 support and knowledge) which impact this postgresql server and I would like to know if an upgrade of the postgre is schedule in next gitlab version and if yes, when ?

This link will show the current PostgreSQL versions and what is available: PostgreSQL versions shipped with Omnibus GitLab | GitLab

Technically for your version you could move it to PostgreSQL 13.3 as this is included. The default however is still 12.7 until Gitlab decide to make PostgreSQL 13.3 the default.

This link explains how to do the embedded PostgreSQL upgrade: Database settings | GitLab if you decided to switch from 12.7 to 13.3. Usually though this isn’t needed, and would happen automatically anyway, let’s say if Gitlab decided to make 13.3 the default for when they release Gitlab 15.0 for example.

Also see this forum post: PostgreSQL 13 message but pg-upgrade doesn't upgrade - #5 by iwalker

As to your when question, there is no info on that right now as Gitlab haven’t shared when 13.x would be the default.