View Source

<html lang="en">
<head><style>.confluenceTable, .confluenceTh, .confluenceTd {border: solid 1px; border-collapse: collapse; border-color: #ccc; padding: 5px 10px;}</style>
<meta charset="utf-8"/>
<link href="https://fonts.gstatic.com" rel="preconnect"/><link href="https://fonts.googleapis.com/css2?family=Open+Sans&amp;display=swap" rel="stylesheet"/></head>
<body style="color: #333; font-family: 'Open Sans', sans-serif; font-size: 14px; line-height: 1.429">
<table cellpadding="0" cellspacing="0" width="100%">
<tr>
<td style="border-collapse: collapse;  padding: 0px 0px ">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; border-spacing: 0; border-collapse: separate" width="100%">
<tr>
<td>
<h1><span style="color: #1f7cd3; font-family: 'Open Sans', sans-serif;">Security Improvement Notes<br/></span></h1>
<table style="width: 100%; height: 18px;">
<tbody>
<tr style="height: 18px;">
<td style="height: 18px;"><span style="font-family: 'Open Sans', sans-serif;">DGW Application 49.1.2884</span></td>
</tr>
</tbody>
</table>
<nav>
<ul>
<li><span style="font-family: 'Open Sans', sans-serif;"><a href="#h_65883019137371625594247539">Summary</a></span></li>
<li><a href="#section_features"><span style="font-family: 'Open Sans', sans-serif;">Security changes</span></a></li>
</ul>
</nav>
<p><span style="font-family: 'Open Sans', sans-serif;"> <div>
<p><hr/></p>
</div>
</span></p>
<h2 id="h_65883019137371625594247539"><span style="color: #213368; font-family: 'Open Sans', sans-serif;">Summary</span></h2>
<p><div name="checkIfJQLDataIsPresent">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse;width: 100%;font-size: inherit;font-family: 'Open Sans', sans-serif;">
<thead>
<tr style="width: 100%;">
<th style="border: 1px solid #cccccc;text-align:left; padding: 10px 5px;font-weight:bold;font-size: inherit;font-family: 'Open Sans', sans-serif; text-transform: capitalize; color: #1F7CD3; font-family: 'Open Sans', sans-serif; min-width: 10em;">ID</th>
<th style="border: 1px solid #cccccc;text-align:left; padding: 10px 5px;font-weight:bold;font-size: inherit;font-family: 'Open Sans', sans-serif; text-transform: capitalize; color: #1F7CD3; font-family: 'Open Sans', sans-serif;">Synopsis</th>
</tr>
</thead>
<tbody>
<tr style="width: 100%;">
<td style="border: 1px solid #cccccc;text-align: left; padding: 10px 5px;font-size: inherit;font-family: 'Open Sans', sans-serif; vertical-align: top; font-family: 'Open Sans', sans-serif;">
							DGW-16201
						</td>
<td style="border: 1px solid #cccccc;text-align: left; padding: 10px 5px;font-size: inherit;font-family: 'Open Sans', sans-serif; vertical-align: top; font-family: 'Open Sans', sans-serif;">
							Upgrade to OpenSSL 1.1.1t
						</td>
</tr>
</tbody>
</table>
</div>
</p>
<hr/>
<h2 id="section_features"><span style="color: #213368; font-family: 'Open Sans', sans-serif;">Security changes<br/></span></h2>
<p><span style="font-family: 'Open Sans', sans-serif;"> <div name="checkIfJQLDataIsPresent">
<div style="margin: 0 20px; padding: 0;">
<h3><span style="font-family: 'Open Sans', sans-serif; color: #2073c5;">DGW-16201 - Upgrade to OpenSSL 1.1.1t</span></h3>
<p><span style="font-family: 'Open Sans', sans-serif; font-size: 14px;"><p>The application is re-built using OpenSSL 1.1.1t.</p>
<p>This security upgrade fixes several vulnerabilities:</p>
<ul>
<li>Fixed X.400 address type confusion in X.509 GeneralName (<a class="external-link" href="https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286" rel="nofollow noopener" target="_blank">CVE-2023-0286</a>)</li>
<li>Fixed Use-after-free following BIO_new_NDEF (<a class="external-link" href="https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0215" rel="nofollow noopener" target="_blank">CVE-2023-0215</a>)</li>
<li>Fixed Double free after calling PEM_read_bio_ex (<a class="external-link" href="https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4450" rel="nofollow noopener" target="_blank">CVE-2022-4450</a>)</li>
<li>Fixed Timing Oracle in RSA Decryption (<a class="external-link" href="https://www.openssl.org/news/vulnerabilities.html#CVE-2022-4304" rel="nofollow noopener" target="_blank">CVE-2022-4304</a>)</li>
</ul>
</span></p>
<p></p>
</div>
</div>
</span></p>
<hr/>
<h2><span style="color: #213368; font-family: 'Open Sans', sans-serif;">Copyright Notice</span></h2>
<p><span style="font-family: 'Open Sans', sans-serif;">Copyright  2023 Media5 Corporation.</span></p>
<p><span style="font-family: 'Open Sans', sans-serif;">This document contains information that is proprietary to Media5 Corporation.</span></p>
<p><span style="font-family: 'Open Sans', sans-serif;">Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.</span></p>
<p><span style="font-family: 'Open Sans', sans-serif;">This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.</span></p>
<p><span style="font-family: 'Open Sans', sans-serif;">Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.</span></p>
<p><a href="https://www.media5corp.com"><span style="font-family: 'Open Sans', sans-serif;">www.media5corp.com</span></a></p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>