Security update for bouncycastle (moderate)

2020-05-04T00:17:37
ID OPENSUSE-SU-2020:0607-1
Type suse
Reporter Suse
Modified 2020-05-04T00:17:37

Description

This update for bouncycastle fixes the following issues:

Version update to 1.60:

  • CVE-2018-1000613: Use of Externally-ControlledInput to Select Classes or Code (boo#1100694)

  • Release notes: <a rel="nofollow" href="http://www.bouncycastle.org/releasenotes.html">http://www.bouncycastle.org/releasenotes.html</a>

Version update to 1.59:

  • CVE-2017-13098: Fix against Bleichenbacher oracle when not using the lightweight APIs (boo#1072697).
  • Release notes: <a rel="nofollow" href="http://www.bouncycastle.org/releasenotes.html">http://www.bouncycastle.org/releasenotes.html</a>