Closed yang9yang closed 1 year ago
Our internal tool reported that there are some Vulnerabilities in openssl-1.1.1.q
CVE-2023-0464 CVE-2023-0465 CVE-2023-0466
They will causing by passing the '-policy' argument to the command line utilities or by calling the 'X509_VERIFY_PARAM_set1_policies()' function. Will the new version fix these issues? Or when will they be fixed?
Hi @yang9yang,
SQLCipher is not affected by these CVE's. SQLCipher does not use the X.509 features within OpenSSL.
Our internal tool reported that there are some Vulnerabilities in openssl-1.1.1.q
CVE-2023-0464 CVE-2023-0465 CVE-2023-0466
They will causing by passing the '-policy' argument to the command line utilities or by calling the 'X509_VERIFY_PARAM_set1_policies()' function. Will the new version fix these issues? Or when will they be fixed?