1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-28 05:29:48 +00:00
freebsd-ports/java/bouncycastle15
Eugene Grosbein efadb98a29 bouncycastle15: update to version 1.59
This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.

Some of additional fixes, features and functionality:

* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
  in private key info objects; GOST3412-2015 has been added
  to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
  in the PKCS8 APIs.
* The BCJSSE provider now supports Server Name Indication,
  session resumption in clients, the jdk.tls.namedGroups and
  org.bouncycastle.jsse.ec.disableChar2 system properties.
* ECGOST-2012 public keys were being encoded with the wrong OID
  for the digest parameter in the algorithm parameter set. This has been fixed.
* The BCJSSE SSLEngine implementation now correctly wraps/unwraps
  application data only in whole records.

Further details on other additions and bug fixes can be found in the
release notes at:

https://www.bouncycastle.org/releasenotes.html

Security:	CVE-2017-13098
2017-12-29 09:21:11 +00:00
..
files
distinfo bouncycastle15: update to version 1.59 2017-12-29 09:21:11 +00:00
Makefile bouncycastle15: update to version 1.59 2017-12-29 09:21:11 +00:00
pkg-descr
pkg-plist