安全公告详情

NS-SA-2025-0197

2025-07-25 16:49:52

简介

low: tongsuo security update

严重级别

low

主题

An update for tongsuo is now available for NewStart CGSL MAIN 7.02.
NewStart Security has rated this update as having a security impact of low. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

tongsuo:


Security Fix(es):
tongsuo: A vulnerability was found in OpenSSL. The security issue occurs in the POLY1305 MAC (message authentication code) implementation, that contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions.(CVE-2023-4807)
tongsuo: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 7.02.03B8.

影响组件

  • tongsuo

影响产品

  • CGSL MAIN 7.02

更新包

{"fix":[{"product":"CGSL MAIN 7.02","pkgs":[{"binary":["tongsuo-core-8.3.3-5.zncgsl7.22.x86_64.rpm","tongsuo-8.3.3-5.zncgsl7.22.x86_64.rpm"],"source":"tongsuo-8.3.3-5.zncgsl7.22.src.rpm"}]}]}

CVE

参考