[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 43737 Download | Alert*

EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM.

[3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed Invalid pointer dereference in ...

[3.0.1-47.0.1] - Replace upstream references [Orabug: 34340177] [1:3.0.1-47] - Fixed X.509 Name Constraints Read Buffer Overflow Resolves: CVE-2022-4203 - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed Invalid pointer dereference in ...

[1:1.1.1k-9] - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286 [1:1.1.1k-8] - Fix no-ec build Resolves: rhbz#2071020

[1:1.1.1k-9] - Fixed Timing Oracle in RSA Decryption Resolves: CVE-2022-4304 - Fixed Double free after calling PEM_read_bio_ex Resolves: CVE-2022-4450 - Fixed Use-after-free following BIO_new_NDEF Resolves: CVE-2023-0215 - Fixed X.400 address type confusion in X.509 GeneralName Resolves: CVE-2023-0286 [1:1.1.1k-8] - Fix no-ec build Resolves: rhbz#2071020

[20221207gitfff6d81270b5-9] - edk2-remove-amd-sev-feature-flag-from-secure-boot-builds-.patch [bz#2169247] - Resolves: bz#2169247 [20221207gitfff6d81270b5-8] - edk2-OvmfPkg-disable-dynamic-mmio-window-rhel-only.patch [bz#2174605] - Resolves: bz#2174605 [20221207gitfff6d81270b5-7] - edk2-Revert-MdeModulePkg-TerminalDxe-add-other-text-resol.patch [bz#2162307] - Resolves: bz#2162307 [20221207gitff ...

[20220126gitbb1bba3d77-4] - edk2-openssl-update.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581] - edk2-rh-openssl-add-crypto-bn-rsa_sup_mul.c-to-file-list.patch [bz#2164531 bz#2164543 bz#2164558 bz#2164581] - Resolves: bz#2164531 - Resolves: bz#2164543 - Resolves: bz#2164558 - Resolves: bz#2164581

A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE. A use-aft ...


Pages:      Start    1304    1305    1306    1307    1308    1309    1310    1311    1312    1313    1314    1315    1316    1317    ..   4373

© SecPod Technologies