java-packages/bouncycastle-fips
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
bouncycastle-fips/bouncycastle-fips.changes

43 lines
2.1 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Mon Apr 29 16:22:08 UTC 2024 - Fridrich Strba <fstrba@suse.com>
- Update to upstream version 1.0.2.4
* Defects Fixed
+ BC-FJA-1.0.2.3-02: JCA aliases do not correctly reflect JCA
attributes for supporting algorithm. This is now fixed.
+ BC-FJA-1.0.2.3-03: CVE-2022-45156 Java 13 garbage collector
changes result in early finalisation of some keys under high
loads with Java 17. This is now fixed.
+ BC-FJA-1.0.2.3-04: Default Locale may interfere with ASN.1
dates - module now attempts to identify an ASN.1 friendly
locale now identified.
+ BC-FJA-1.0.2.3-05: CVE-2023-33202 Possible denial of service
by within Bouncy Castle PEM parser class.
* Additions
+ End of 2023 transition for Triple-DES encryption. The provider
blocks Triple-DES encryption. The following properties can be
used to override the default behaviour:
- org.bouncycastle.tripledes.allow_drbg (allow use with DRBGs)
- org.bouncycastle.tripledes.allow_prf (allow use in KDFs)
- org.bouncycastle.tripledes.allow_wrap (allow use with key
wrapping)
- org.bouncycastle.tripledes.allow_enc (allow Triple-DES
encryption)
+ End of 2023 transition for RSA PKCS1.5 encryption. The provider
blocks RSA with PKCS1.5 encryption. The following property can
be used to override the default behaviour:
- org.bouncycastle.rsa.allow_pkcs15_enc (allow use of PKCS1.5)
+ MD5 is now explicitly disabled in approved mode unless the
property org.bouncycastle.jsse.enable_md5 is set to true.
+ Identification and use of system entropy source optimisations
(elimination of possible exception throwing, configuration for
thread local SecureRandom provider)
+ All secret key and private key types now provide support for
Destroyable.
+ Hex.decodeStrict() added to Hex encoder.
-------------------------------------------------------------------
Thu May 19 16:19:21 UTC 2022 - Fridrich Strba <fstrba@suse.com>
- Initial packaging of BouncyCastle FIPS module 1.0.2.3
Reference in New Issue View Git Blame Copy Permalink