ELSA-2023-4411

ULN >
Oracle Linux Errata repository >
ELSA-2023-4411

ELSA-2023-4411 - cjose security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-08-02

Description

[0.6.1-13]
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
Authentication Tag provided in the JWE
Resolves: rhbz#2223308

Related CVEs

CVE-2023-37464

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	cjose-0.6.1-13.el9_2.src.rpm	e0a54b4ad3b757125e876e906d1d60b12ebc964123cf9539b21573b7096f2e27	-	ol9_aarch64_appstream
	cjose-0.6.1-13.el9_2.aarch64.rpm	48f499eb0ec46e561ee99b5a8552b3864bf92a188c11041f017389c69081e293	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	cjose-0.6.1-13.el9_2.src.rpm	e0a54b4ad3b757125e876e906d1d60b12ebc964123cf9539b21573b7096f2e27	-	ol9_x86_64_appstream
	cjose-0.6.1-13.el9_2.i686.rpm	c74803d5874988a872571edb8c3f14fb095e82c964d5afb21f3859009f15c3de	-	ol9_x86_64_appstream
	cjose-0.6.1-13.el9_2.x86_64.rpm	30348fa6514961169c37cbebd437760d796d5dc349a1f5af2bbc52b4f4266f9b	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691