[openSUSE-SU-2020:0607-1] Security update for bouncycastle
Severity
Moderate
Affected Packages
2
CVEs
2
Security update for bouncycastle
This update for bouncycastle fixes the following issues:
Version update to 1.60:
CVE-2018-1000613: Use of Externally-ControlledInput to Select Classes or Code (boo#1100694)
Release notes:
http://www.bouncycastle.org/releasenotes.html
Version update to 1.59:
- CVE-2017-13098: Fix against Bleichenbacher oracle when not using the lightweight APIs (boo#1072697).
- Release notes: http://www.bouncycastle.org/releasenotes.html
| Package | Affected Version |
|---|---|
 pkg:rpm/opensuse/bouncycastle?arch=noarch&distro=opensuse-leap-15.1
|
< 1.60-lp151.3.3.1 |
|
pkg:rpm/opensuse/bouncycastle-javadoc?arch=noarch&distro=opensuse-leap-15.1
|
< 1.60-lp151.3.3.1 |
- ID
- openSUSE-SU-2020:0607-1
- Severity
- moderate
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SJ5CQDJZHIR5UUASDLGQDV3YILWDOSU3/
- Published
-
2020-05-03T16:19:33
(4 years ago) - Modified
-
2020-05-03T16:19:33
(4 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
DSA-4072-1
FEDORA-2018-ceced55c5e
FREEBSD:6A131FBF-EC76-11E7-AA65-001B216D295B
MAVEN:GHSA-4446-656P-F54G
VU:144389| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for openSUSE-SU-2020:0607-1 |
|
|
| Suse | E-Mail link for openSUSE-SU-2020:0607-1 |
|
|
| Bugzilla | SUSE Bug 1072697 |
|
|
| Bugzilla | SUSE Bug 1100694 |
|
|
| CVE | SUSE CVE CVE-2017-13098 page |
|
|
| CVE | SUSE CVE CVE-2018-1000613 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/bouncycastle?arch=noarch&distro=opensuse-leap-15.1 | opensuse |
bouncycastle
|
< 1.60-lp151.3.3.1 | opensuse-leap-15.1 | noarch | |
| Affected | pkg:rpm/opensuse/bouncycastle-javadoc?arch=noarch&distro=opensuse-leap-15.1 | opensuse |
bouncycastle-javadoc
|
< 1.60-lp151.3.3.1 | opensuse-leap-15.1 | noarch |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |