bouncycastle
No description set
- Developed at Java:packages
- Sources inherited from project openSUSE:Factory
-
5
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Leap:15.0:Staging:FactoryCandidates/bouncycastle && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| bcprov-jdk15on-1.60.pom | 0000001143 1.12 KB | |
| bcprov-jdk15on-160.tar.gz | 0009207686 8.78 MB | |
| bouncycastle.changes | 0000004734 4.62 KB | |
| bouncycastle.spec | 0000005723 5.59 KB |
Revision 20 (latest revision is 42)
Dominique Leuenberger (dimstar_suse)
accepted
request 624022
from
Tomáš Chvátal (scarabeus_iv)
(revision 20)
- Version update to 1.60 bsc#1100694:
* CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
* Release notes:
http://www.bouncycastle.org/releasenotes.html
- Version update to 1.59:
* CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
signature on verification (boo#1095722).
* CVE-2016-1000339: Fix AESEngine key information leak via lookup
table accesses (boo#1095853).
* CVE-2016-1000340: Fix carry propagation bugs in the
implementation of squaring for several raw math classes
(boo#1095854).
* CVE-2016-1000341: Fix DSA signature generation vulnerability to
timing attack (boo#1095852).
* CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
signature on verification (boo#1095850).
* CVE-2016-1000343: Fix week default settings for private DSA key
pair generation (boo#1095849).
* CVE-2016-1000344: Remove DHIES from the provider to disable the
unsafe usage of ECB mode (boo#1096026).
* CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
attack (boo#1096025).
* CVE-2016-1000346: Fix other party DH public key validation
(boo#1096024).
* CVE-2016-1000352: Remove ECIES from the provider to disable the
unsafe usage of ECB mode (boo#1096022).
- bumb target to 1.6
Comments 0