efadb98a29
This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.
Some of additional fixes, features and functionality:
* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
in private key info objects; GOST3412-2015 has been added
to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
in the PKCS8 APIs.
* The BCJSSE provider now supports Server Name Indication,
session resumption in clients, the jdk.tls.namedGroups and
org.bouncycastle.jsse.ec.disableChar2 system properties.
* ECGOST-2012 public keys were being encoded with the wrong OID
for the digest parameter in the algorithm parameter set. This has been fixed.
* The BCJSSE SSLEngine implementation now correctly wraps/unwraps
application data only in whole records.
Further details on other additions and bug fixes can be found in the
release notes at:
https://www.bouncycastle.org/releasenotes.html
Security: CVE-2017-13098
|
||
|---|---|---|
| .. | ||
| aparapi | ||
| avis | ||
| berkeley-db | ||
| bluej | ||
| bootstrap-openjdk6 | ||
| bootstrap-openjdk8 | ||
| bouncycastle | ||
| bouncycastle15 | ||
| cacao | ||
| castor | ||
| classpath | ||
| cos | ||
| cryptix-jce | ||
| dbvis | ||
| eclipse | ||
| eclipse-cdt | ||
| eclipse-drjava | ||
| eclipse-ecj | ||
| eclipse-EPIC | ||
| eclipse-findbugs | ||
| eclipse-log4e | ||
| eclipse-lomboz | ||
| eclipse-pydev | ||
| eclipse-shelled | ||
| eclipse-windowbuilder | ||
| hamcrest | ||
| icedtea-web | ||
| infobus | ||
| intellij | ||
| intellij-fsnotifier | ||
| intellij-pty4j | ||
| intellij-rubymine | ||
| intellij-ultimate | ||
| jad | ||
| jaf | ||
| jai | ||
| jakarta-bcel | ||
| jakarta-commons-beanutils | ||
| jakarta-commons-cli | ||
| jakarta-commons-codec | ||
| jakarta-commons-collections | ||
| jakarta-commons-dbcp | ||
| jakarta-commons-discovery | ||
| jakarta-commons-httpclient | ||
| jakarta-commons-lang | ||
| jakarta-commons-lang3 | ||
| jakarta-commons-logging | ||
| jakarta-commons-pool | ||
| jakarta-commons-primitives | ||
| jakarta-oro | ||
| jakarta-regexp | ||
| jamvm | ||
| jasmin | ||
| jattach | ||
| java3d | ||
| java-checkstyle | ||
| java-cup | ||
| java-getopt | ||
| java-subversion | ||
| java-zoneinfo | ||
| javahelp | ||
| javamail | ||
| javavmwrapper | ||
| jaxen | ||
| jcalendar | ||
| jcckit | ||
| jcommon | ||
| jd-gui | ||
| jdbcpool | ||
| jdk8-doc | ||
| jdom | ||
| jflex | ||
| jfreechart | ||
| jgraph | ||
| jgrapht | ||
| jgraphx | ||
| jikes | ||
| jlex | ||
| jlint | ||
| jmf | ||
| jode | ||
| jomp | ||
| jrosetta | ||
| jta | ||
| jtiger | ||
| jump | ||
| junit | ||
| jxgrabkey | ||
| langspec | ||
| lightweight-java-profiler | ||
| linux-oracle-jdk9 | ||
| linux-oracle-jdk18 | ||
| linux-oracle-jre9 | ||
| linux-oracle-jre18 | ||
| mmake | ||
| mx4j | ||
| netbeans | ||
| netbeans-devel | ||
| netcomponents | ||
| netrexx | ||
| netty | ||
| openjdk6 | ||
| openjdk6-jre | ||
| openjdk7 | ||
| openjdk7-jre | ||
| openjdk8 | ||
| openjdk8-jre | ||
| openjfx8-devel | ||
| openjfx8-scenebuilder | ||
| phpeclipse | ||
| proguard | ||
| sablevm | ||
| sablevm-classpath | ||
| servingxml | ||
| sigar | ||
| springframework | ||
| springframework31 | ||
| sqlitejdbc | ||
| trove4j | ||
| veditor | ||
| visualvm | ||
| wildfly10 | ||
| wildfly11 | ||
| wildfly90 | ||
| xdoclet | ||
| Makefile | ||