openSUSE Build Service

buildservice-autocommit accepted request 635816 from

Tomáš Chvátal (scarabeus_iv) over 5 years ago (revision 45)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) accepted request 635776 from

Pedro Monreal Gonzalez (pmonrealgonzalez) over 5 years ago (revision 44)

  * CVE-2018-1000180: issue around primality tests for RSA key pair generation
    if done using only the low-level API [bsc#1096291]

buildservice-autocommit accepted request 624022 from

Tomáš Chvátal (scarabeus_iv) almost 6 years ago (revision 43)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) committed almost 6 years ago (revision 42)

- Version update to 1.59:
  * CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
    signature on verification (boo#1095722).
  * CVE-2016-1000339: Fix AESEngine key information leak via lookup
    table accesses (boo#1095853).
  * CVE-2016-1000340: Fix carry propagation bugs in the
    implementation of squaring for several raw math classes
    (boo#1095854).
  * CVE-2016-1000341: Fix DSA signature generation vulnerability to
    timing attack (boo#1095852).
  * CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
    signature on verification (boo#1095850).
  * CVE-2016-1000343: Fix week default settings for private DSA key
    pair generation (boo#1095849).
  * CVE-2016-1000344: Remove DHIES from the provider to disable the
    unsafe usage of ECB mode (boo#1096026).
  * CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
    attack (boo#1096025).
  * CVE-2016-1000346: Fix other party DH public key validation
    (boo#1096024).
  * CVE-2016-1000352: Remove ECIES from the provider to disable the
    unsafe usage of ECB mode (boo#1096022).
- bumb target to 1.6

Tomáš Chvátal (scarabeus_iv) committed almost 6 years ago (revision 41)

  * CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of             
    signature on verification (boo#1095722).                                  
  * CVE-2016-1000339: Fix AESEngine key information leak via lookup           
    table accesses (boo#1095853).                                             
  * CVE-2016-1000340: Fix carry propagation bugs in the                       
    implementation of squaring for several raw math classes                   
    (boo#1095854).                                                            
  * CVE-2016-1000341: Fix DSA signature generation vulnerability to           
    timing attack (boo#1095852).                                              
  * CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of           
    signature on verification (boo#1095850).                                  
  * CVE-2016-1000343: Fix week default settings for private DSA key           
    pair generation (boo#1095849).                                            
  * CVE-2016-1000344: Remove DHIES from the provider to disable the           
    unsafe usage of ECB mode (boo#1096026).                                   
  * CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle                 
    attack (boo#1096025).                                                     
  * CVE-2016-1000346: Fix other party DH public key validation                
    (boo#1096024).                                                            
  * CVE-2016-1000352: Remove ECIES from the provider to disable the           
    unsafe usage of ECB mode (boo#1096022).

Tomáš Chvátal (scarabeus_iv) committed almost 6 years ago (revision 40)

- Version update to 1.60 bsc#1100694:
  * CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
  * Release notes:
    http://www.bouncycastle.org/releasenotes.html

buildservice-autocommit accepted request 616108 from

Tomáš Chvátal (scarabeus_iv) almost 6 years ago (revision 39)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) accepted request 616094 from

Alexander Bergmann (abergmann) almost 6 years ago (revision 38)

- Version update to 1.59: 
  * CVE-2017-13098: Fix against Bleichenbacher oracle when not
    using the lightweight APIs (boo#1072697).
  * Release notes:
    http://www.bouncycastle.org/releasenotes.html
- Removed patch:
  * ambiguous-reseed.patch

Fridrich Strba (fstrba) committed almost 6 years ago (revision 37)

Fridrich Strba (fstrba) committed almost 6 years ago (revision 36)

buildservice-autocommit accepted request 526278 from

Fridrich Strba (fstrba) over 6 years ago (revision 35)

baserev update by copy to link target

Fridrich Strba (fstrba) committed over 6 years ago (revision 34)

Update to 1.58

buildservice-autocommit accepted request 522009 from

Fridrich Strba (fstrba) over 6 years ago (revision 33)

baserev update by copy to link target

Fridrich Strba (fstrba) committed over 6 years ago (revision 32)

buildservice-autocommit accepted request 496615 from

Tomáš Chvátal (scarabeus_iv) almost 7 years ago (revision 31)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) accepted request 496612 from

Petr Cervinka (pcervinka) almost 7 years ago (revision 30)

- New build dependency: javapackages-local
- Fixed requires
- Spec file cleaned

buildservice-autocommit accepted request 360600 from

Tomáš Chvátal (scarabeus_iv) about 8 years ago (revision 29)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) committed about 8 years ago (revision 28)

- Version update to 1.54:
  * No obvious changelog to be found
  * Fixes bnc#967521 CVE-2015-7575

buildservice-autocommit accepted request 340552 from

Tomáš Chvátal (scarabeus_iv) over 8 years ago (revision 27)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) committed over 8 years ago (revision 26)

- Version update to 1.53 (latest upstream)
  * No obvious changelog
  * Fixes bnc#951727 CVE-2015-7940

Places

Revisions of bouncycastle

Places