ELSA-2023-4411 - cjose security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-08-02 |
Description
[0.6.1-13]
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
Authentication Tag provided in the JWE
Resolves: rhbz#2223308
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 9 (aarch64) | cjose-0.6.1-13.el9_2.src.rpm | 53aadb31308ad21c8ef5f0bfbda7390c | - |
| cjose-0.6.1-13.el9_2.aarch64.rpm | ad1d2f8987575e33fc346d2cf1e51cd1 | - |
|
| Oracle Linux 9 (x86_64) | cjose-0.6.1-13.el9_2.src.rpm | 53aadb31308ad21c8ef5f0bfbda7390c | - |
| cjose-0.6.1-13.el9_2.i686.rpm | 114cdad46bd66585ca65e4b0a7d59c51 | - |
| cjose-0.6.1-13.el9_2.x86_64.rpm | fb2817370cc291185fef66c3cedf49da | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
