RSA BSAFE Micro Edition Suite 4.4 Release Notes
Known Issues
The following table lists the known issues in this release of MES. Workarounds, where possible, are provided for the issues.
Table 5 Known Issues
ID           Description
BSFMES-1863  Unable to sign or verify from the software provider or FIPS 140 provider where the digest is provided by the iOS FIPS provider.
BSFMES-1761  R_SSL_put_error() and R_SSL_put_error_state() do not limit the number of errors stored in the stack, which risks continuous memory growth and possible out of memory errors.
BSFMES-1649  Certificate request messages with more than seven certificate type definitions are not read properly by a TLS client.
BSFMES-1644  R_VERIFY_CTX_INFO_OCSP_SIG_ALG manages an array of three R_CR_ALG_ID values.
BSFMES-1592  R_SSL_SESSION_print() does not print elliptic curve point formats correctly.

Table 4 Enhancements and Resolved Issues (continued)
ID           Description
BSFMES-1952  Certificates with RSA PSS signatures cannot be verified.
BSFMES-1842  Triple-DES is removed from default cipher suite list.
BSFMES-1561  A sample makefile for systems running an OS X operating system needs undocumented environment variables.
BSFMES-1426  MES is potentially vulnerable to a heap-based buffer overflow when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system - CVE-2019-3729.
BSFMES-1143  R_CERT_REQ_sign() returns R_ERROR_BUFFER_TOO_SMALL when signing a certificate request with extension data greater than 128 bytes.
BSFMES-1005  R_SSL_CTX_get_ex_new_id_ef() and R_SSL_get_ex_new_id_ef() can return R_ERROR values as well as an index.