CLSA-2023-1702495193 openssl: Fix of CVE-2023-5363

CVE-2023-5363: evp: process key length and iv length early if present...

Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse

Problem: Trying to create a new encrypted message with the same cocoon object generates the same ciphertext. It mostly affects MiniCocoon and Cocoon objects with custom seeds and RNGs where StdRng is used under the hood. Note: The issue does NOT affect objects created with Cocoon::new which...

RUSTSEC-2023-0068 Sequential calls of encryption API (`encrypt`, `wrap`, and `dump`) result in nonce reuse

Problem: Trying to create a new encrypted message with the same cocoon object generates the same ciphertext. It mostly affects MiniCocoon and Cocoon objects with custom seeds and RNGs where StdRng is used under the hood. Note: The issue does NOT affect objects created with Cocoon::new which...

CVE-2010-3145

CVE-2010-3145 concerns the Windows Backup Manager insecure DLL loading in sdclt.exe (Backup Manager) on Windows Vista SP1/SP2. The vulnerability arises from untrusted search path loading a Trojan horse fveapi.dll located in the current working directory, triggered when opening a Windows Backup Ca...