Overview
Request 624022 accepted
- Version update to 1.60 bsc#1100694:
* CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
* Release notes:
http://www.bouncycastle.org/releasenotes.html
- Version update to 1.59:
* CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
signature on verification (boo#1095722).
* CVE-2016-1000339: Fix AESEngine key information leak via lookup
table accesses (boo#1095853).
* CVE-2016-1000340: Fix carry propagation bugs in the
implementation of squaring for several raw math classes
(boo#1095854).
* CVE-2016-1000341: Fix DSA signature generation vulnerability to
timing attack (boo#1095852).
* CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
signature on verification (boo#1095850).
* CVE-2016-1000343: Fix week default settings for private DSA key
pair generation (boo#1095849).
* CVE-2016-1000344: Remove DHIES from the provider to disable the
unsafe usage of ECB mode (boo#1096026).
* CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
attack (boo#1096025).
* CVE-2016-1000346: Fix other party DH public key validation
(boo#1096024).
* CVE-2016-1000352: Remove ECIES from the provider to disable the
unsafe usage of ECB mode (boo#1096022).
- bumb target to 1.6
- Created by scarabeus_iv
- In state accepted
- Supersedes 624021
Request History
scarabeus_iv created request
- Version update to 1.60 bsc#1100694:
* CVE-2018-1000613 Use of Externally-ControlledInput to Select Classes or Code
* Release notes:
http://www.bouncycastle.org/releasenotes.html
- Version update to 1.59:
* CVE-2016-1000338: Fix DSA ASN.1 validation during encoding of
signature on verification (boo#1095722).
* CVE-2016-1000339: Fix AESEngine key information leak via lookup
table accesses (boo#1095853).
* CVE-2016-1000340: Fix carry propagation bugs in the
implementation of squaring for several raw math classes
(boo#1095854).
* CVE-2016-1000341: Fix DSA signature generation vulnerability to
timing attack (boo#1095852).
* CVE-2016-1000342: Fix ECDSA ASN.1 validation during encoding of
signature on verification (boo#1095850).
* CVE-2016-1000343: Fix week default settings for private DSA key
pair generation (boo#1095849).
* CVE-2016-1000344: Remove DHIES from the provider to disable the
unsafe usage of ECB mode (boo#1096026).
* CVE-2016-1000345: Fix DHIES/ECIES CBC mode padding oracle
attack (boo#1096025).
* CVE-2016-1000346: Fix other party DH public key validation
(boo#1096024).
* CVE-2016-1000352: Remove ECIES from the provider to disable the
unsafe usage of ECB mode (boo#1096022).
- bumb target to 1.6
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
namtrac accepted review
staging-bot set openSUSE:Factory:Staging:B as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:B"
staging-bot accepted review
Picked openSUSE:Factory:Staging:B
repo-checker accepted review
cycle and install check passed
dimstar_suse accepted review
ready to accept
dimstar_suse approved review
ready to accept
dimstar_suse accepted request
Accept to openSUSE:Factory