Open Enclave SDK Update Recommendation


Yen Lee
 

Hi Everybody,



Starting July 31, 2021, Azure DCAP Client<https://github.com/microsoft/Azure-DCAP-Client> will have a new policy to update SGX collateral in a different cadence. It is recommended that you rebuild with the latest Open Enclave SDK releases if your applications rely on Azure DCAP Client to provide verification collateral and call any of the following Open Enclave APIs for evidence verification:

* oe_verify_evidence
* oe_verify_report
* oe_verify_report_v2
* oe_verify_remote_report
* oe_verify_attestation_certificate
* oe_verify_attestation_certificate_with_evidence
* oe_verify_attestation_certificate_with_evidence_v2



Quick fix has been applied to the following Open Enclave releases:

* v0.14.1
* v0.15.1
* v0.17.1 or later


In addition, V0.17.1 fixes CVE-2021-33767<https://github.com/openenclave/openenclave/security/advisories/GHSA-mj87-466f-jq42> and it is therefore highly recommended that you move to v0.17.1.


Thanks,

Yen Lee

Join oesdk@lists.confidentialcomputing.io to automatically receive all group messages.