Date: Fri, 29 Dec 2017 09:21:11 +0000 (UTC) From: Eugene Grosbein <eugen@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r457500 - head/java/bouncycastle15 Message-ID: <201712290921.vBT9LBVB022808@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eugen Date: Fri Dec 29 09:21:11 2017 New Revision: 457500 URL: https://svnweb.freebsd.org/changeset/ports/457500 Log: bouncycastle15: update to version 1.59 This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS when RSA key exchange is negotiated. This potentially affected BCJSSE servers and any other TLS servers configured to use JCE for the underlying crypto - note the two TLS implementations using the BC lightweight APIs are not affected by this. Some of additional fixes, features and functionality: * GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted in private key info objects; GOST3412-2015 has been added to the JCE provider and the lightweight API. * SCRYPT is now supported as a SecretKeyFactory in the provider and in the PKCS8 APIs. * The BCJSSE provider now supports Server Name Indication, session resumption in clients, the jdk.tls.namedGroups and org.bouncycastle.jsse.ec.disableChar2 system properties. * ECGOST-2012 public keys were being encoded with the wrong OID for the digest parameter in the algorithm parameter set. This has been fixed. * The BCJSSE SSLEngine implementation now correctly wraps/unwraps application data only in whole records. Further details on other additions and bug fixes can be found in the release notes at: https://www.bouncycastle.org/releasenotes.html Security: CVE-2017-13098 Modified: head/java/bouncycastle15/Makefile head/java/bouncycastle15/distinfo Modified: head/java/bouncycastle15/Makefile ============================================================================== --- head/java/bouncycastle15/Makefile Fri Dec 29 09:01:54 2017 (r457499) +++ head/java/bouncycastle15/Makefile Fri Dec 29 09:21:11 2017 (r457500) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= bouncycastle -PORTVERSION= 1.58 +PORTVERSION= 1.59 CATEGORIES= java security MASTER_SITES= http://www.bouncycastle.org/download/ \ http://polydistortion.net/bc/download/ @@ -48,7 +48,6 @@ PORTDOCS= * .include <bsd.port.options.mk> # PR 220612: remove fork="true" in javac and fork="yes" in junit tasks -# NB: as of adding armv7, the patchname is kind of obsolete. .if ${ARCH} == armv6 || ${ARCH} == armv7 EXTRA_PATCHES+= ${FILESDIR}/armv6-patch-bc+-build.xml .endif Modified: head/java/bouncycastle15/distinfo ============================================================================== --- head/java/bouncycastle15/distinfo Fri Dec 29 09:01:54 2017 (r457499) +++ head/java/bouncycastle15/distinfo Fri Dec 29 09:21:11 2017 (r457500) @@ -1,3 +1,3 @@ -TIMESTAMP = 1503401517 -SHA256 (crypto-158.tar.gz) = 175b342d853706107f54780052e224595453743e2a4b6aa0a0fcf02d5e24d01d -SIZE (crypto-158.tar.gz) = 123588158 +TIMESTAMP = 1514536470 +SHA256 (crypto-159.tar.gz) = 03c08bc60acdcc035275adccd185bc3683e8b1266aa3400bfb8a526e622aa2d6 +SIZE (crypto-159.tar.gz) = 126095735
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201712290921.vBT9LBVB022808>