Hi!
Open the osquery side, OpenSSL 1.x is in use, which is not affected.
On the Fleet server side, we use go, which has its own TLS implementation. We know go plans to release a security update tomorrow, and it does not look like it will be to fix the same issue in their TLS implementation.
It is not impossible other TLS implementations will have similar vulnerabilities so we will look closely at the updates to see if any require an emergency update.
So TL;DR -> It is unlikely we will need to release an emergency update tomorrow.