Revisions of bouncycastle
package also other jars
- Version update to 1.60 bsc#1100694: * CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code * Release notes: http://www.bouncycastle.org/releasenotes.html - Version update to 1.59: * CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of signature on verification (boo#1095722). * CVE-2016-1000339: Fix AESEngine key information leak via lookup table accesses (boo#1095853). * CVE-2016-1000340: Fix carry propagation bugs in the implementation of squaring for several raw math classes (boo#1095854). * CVE-2016-1000341: Fix DSA signature generation vulnerability to timing attack (boo#1095852). * CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of signature on verification (boo#1095850). * CVE-2016-1000343: Fix week default settings for private DSA key pair generation (boo#1095849). * CVE-2016-1000344: Remove DHIES from the provider to disable the unsafe usage of ECB mode (boo#1096026). * CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle attack (boo#1096025). * CVE-2016-1000346: Fix other party DH public key validation (boo#1096024). * CVE-2016-1000352: Remove ECIES from the provider to disable the unsafe usage of ECB mode (boo#1096022). - bumb target to 1.6
Update to 1.58
Fix build with java 9
1
- Version update to 1.54: * No obvious changelog to be found * Fixes bnc#967521 CVE-2015-7575
- Version update to 1.53 (latest upstream) * No obvious changelog * Fixes bnc#951727 CVE-2015-7940
javapackages-tools update
- Disable tests on obs as they hang
- Version bump to 1.50 to match Fedora - Cleanup with spec-cleaner
javapackages updates submission
disable bytecode check on sle_11 (forwarded request 234210 from deadpoint)
- Don't own /etc/java/security to not clash with javapackages-tools - Don't mark random files as config
jpackage-utils collison fix
Displaying revisions 21 - 40 of 42