github openenclave/openenclave v0.15.0

pre-release, 3 years ago

Added

  • Oeedger8r now supports the warning flag -W. The available options include:
    • -Wreturn-ptr: Check if an OCALL or ECALL returns a pointer.
    • -Wptr-in-struct: Check if a user-defined struct includes an un-annotated pointer member.
    • -Wforeign-type-ptr: Check if an OCALL or ECALL includes a parameter that is a pointer to a foreign type.
    • -Wptr-in-function: Check if an OCALL or ECALL includes an un-annotated pointer argument.
    • -Wall: Enable all the warning options.
    • -Wno-<option>: Disable the corresponding warning.
    • -Werror: Turn warnings into errors.
    • -Werror=<option>: Turn the specified warning into an error.
  • oesign sign now accepts the option -o/--output-file to specify the location where the signature of the enclave image is written.
  • Debugger Contract has been extended to support multiple modules.
    • Refer to design document for details.

Changed

  • Open Enclave SDK will be built with clang-10 starting with the v0.16.0 release. We recommend that developers move to clang-10 as of that release.
  • oe_get_attestation_certificate_with_evidence() has been deprecated because it has been deemed insufficient for security. Use the new, experimental oe_get_attestation_certificate_with_evidence_v2() instead to generate a self-signed certificate for use in the TLS handshaking process.
  • Debugger Contract
    • The path fields in oe_debug_enclave_t and oe_debug_module_t are now defined to be in
      UTF-8 encoding. Previously the encoding was undefined. To ensure a smooth transition, debuggers
      are required to try both UTF-8 and the previous encoding and pick the one that works.
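
One way a debugger plugin could apply the transition rule above for the path fields, as an added example that is not code from Open Enclave or from any debugger. The names decode_module_path and LEGACY_ENCODINGS, the choice of cp1252 and latin-1 as the "previous encoding", and reading "works" as "the file exists" are assumptions.

```python
import os

# Assumption: the pre-v0.15.0 encoding was undefined, so this fallback list is
# a guess a debugger would tune per platform (cp1252 for Windows hosts here).
LEGACY_ENCODINGS = ("cp1252", "latin-1")


def decode_module_path(raw, exists=os.path.exists, legacy=LEGACY_ENCODINGS):
    """Decode a path field read from oe_debug_enclave_t / oe_debug_module_t.

    Tries UTF-8 first, then each legacy encoding, and returns (path, encoding)
    for the first decoding that names an existing file, or (None, None).
    """
    raw = raw.split(b"\0", 1)[0]  # field is a C string: stop at the first NUL
    seen = set()
    for enc in ("utf-8",) + tuple(legacy):
        try:
            candidate = raw.decode(enc)
        except UnicodeDecodeError:
            continue  # bytes are not valid in this encoding, try the next one
        if candidate in seen:
            continue  # pure-ASCII paths decode identically everywhere
        seen.add(candidate)
        if exists(candidate):  # assumption: "works" means the file is there
            return candidate, enc
    return None, None


if __name__ == "__main__":
    # Constructed sample: a fake file system and three raw path fields.
    on_disk = {"/opt/caf\u00e9/enc.signed", "/opt/\u00c3\u00a9/mod.so"}
    samples = [
        "/opt/caf\u00e9/enc.signed".encode("utf-8") + b"\0",  # new contract
        b"/opt/caf\xe9/enc.signed\0",  # legacy bytes, invalid as UTF-8
        b"/opt/\xc3\xa9/mod.so\0",  # valid UTF-8, but only the legacy name exists
    ]
    for raw in samples:
        print(raw, "->", decode_module_path(raw, exists=on_disk.__contains__))
```

The third sample is the case that matters: the bytes decode cleanly as UTF-8, so a debugger that stops at the first successful decode would look for the wrong file.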

Security

  • Update mbedTLS to version 2.16.10. Refer to the 2.16.10 and 2.16.9 release notes for the set of issues addressed.
  • OpenSSL is updated to version 1.1.1k.
  • The current version of the wcsnrtombs function in oelibc (based on musl 1.1.21) has a known vulnerability (refer to CVE-2020-28928), which will be fixed by upgrading musl to 1.2.2 in the next release. Please do not use wcsnrtombs with this version or earlier versions of Open Enclave SDK.

Packages in this release have been tested against the following Intel packages

On Ubuntu 18.04: DCAP: 1.10.100.4-bionic1 PSW: 2.13.100.4-bionic1 SGX Driver: 1.35
On Windows Server 2019: DCAP: 1.10.100.4 PSW: 2.12.100.4
