Open Enclave SDK Update Recommendation

Home Messages Hashtags Subgroups Wiki

Yen Lee #191 Hi Everybody, Starting July 31, 2021, Azure DCAP Client<https://github.com/microsoft/Azure-DCAP-Client> will have a new policy to update SGX collateral in a different cadence. It is recommended that you rebuild with the latest Open Enclave SDK releases if your applications rely on Azure DCAP Client to provide verification collateral and call any of the following Open Enclave APIs for evidence verification: * oe_verify_evidence * oe_verify_report * oe_verify_report_v2 * oe_verify_remote_report * oe_verify_attestation_certificate * oe_verify_attestation_certificate_with_evidence * oe_verify_attestation_certificate_with_evidence_v2 Quick fix has been applied to the following Open Enclave releases: * v0.14.1 * v0.15.1 * v0.17.1 or later In addition, V0.17.1 fixes CVE-2021-33767<https://github.com/openenclave/openenclave/security/advisories/GHSA-mj87-466f-jq42> and it is therefore highly recommended that you move to v0.17.1. Thanks, Yen Lee
More All Messages By This Member

Join {oesdk@lists.confidentialcomputing.io to automatically receive all group messages.