You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@teaclave.apache.org by He Sun <no...@github.com.INVALID> on 2023/03/23 03:12:12 UTC
[apache/incubator-teaclave] Check the binding of the server certificate with the sgx quote (PR #679)
The fix is reported from https://github.com/mithril-security/poison-tea.
## Description
Fix an attestation bypass attack reported from https://github.com/mithril-security/poison-tea.
Fixes # (issue)
## Type of change (select or add applied and delete the others)
- [X] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
- [ ] API change with a documentation update
- [ ] Additional test coverage
- [ ] Code cleanup or just sync with upstream third-party crates
## How has this been tested?
## Checklist
- [X] Fork the repo and create your branch from `master`.
- [ ] If you've added code that should be tested, add tests.
- [ ] If you've changed APIs, update the documentation.
- [X] Ensure the tests pass (see CI results).
- [X] Make sure your code lints/format.
You can view, comment on, or merge this pull request online at:
https://github.com/apache/incubator-teaclave/pull/679
-- Commit Summary --
* Check the binding of the server certificate with the sgx quote
-- File Changes --
M sdk/python/teaclave.py (15)
-- Patch Links --
https://github.com/apache/incubator-teaclave/pull/679.patch
https://github.com/apache/incubator-teaclave/pull/679.diff
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/679
You are receiving this because you are subscribed to this thread.
Message ID: <apache/incubator-teaclave/pull/679@github.com>
Re: [apache/incubator-teaclave] Check the binding of the server certificate with the sgx quote (PR #679)
Posted by He Sun <no...@github.com.INVALID>.
Merged #679 into master.
--
Reply to this email directly or view it on GitHub:
https://github.com/apache/incubator-teaclave/pull/679#event-8823560993
You are receiving this because you are subscribed to this thread.
Message ID: <ap...@github.com>