1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4233-1] bouncycastle security update

    From Moritz Muehlenhoff@1:229/2 to All on Fri Jun 22 22:10:02 2018
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4233-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff
    June 22, 2018 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bouncycastle
    CVE ID : CVE-2018-1000180

    It was discovered that the low-level interface to the RSA key pair
    generator of Bouncy Castle (a Java implementation of cryptographic
    algorithms) could perform less Miller-Rabin primality tests than
    expected.

    For the stable distribution (stretch), this problem has been fixed in
    version 1.56-1+deb9u2.

    We recommend that you upgrade your bouncycastle packages.

    For the detailed security status of bouncycastle please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/bouncycastle

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlstVJsACgkQEMKTtsN8 TjbYZw/+Ig5wYiaMaeNbnzRu8Je7e4jGvglWlqLeTX7xG2hpzaFHCeOFxTX9oJmt r/8y/wZMhf+pV3h1KlP9nxOLEhchcL4hSAM4necgVP6odykbH0Em2yAE5i7ae9ez oD9Ib7dUUFbRk2a19J4bVdXXUjb3YQCN1SsS5KVYfWDgzxa+dC34vhm3yfNqoPej 0sFczW7kuUUK61a9LwNmuTp8hVyvtNc5FjhK5mEB3Fi2EiYYn8UT/LNp5QElKB4i h7P6c1Q9jw8VSqvRqlt4n2+HAreKmOS8a61hFYFV/HFoer6rOxa03YDcC0rlva7O a0WcOzet/IzRCOJilj2TIgXBZzFb3peyzd4arTa/VCt794qHOTIElBnmvAvVeXBW yu83IQrDYrKnwm85K0R3YUXaBzaGTeVPwnYPJnYRydlF/zxvg7l9xx7Cy7PJN2Xh Y+visDrPob09QFNc4PYlzQ+V6vrFrygAPO7CJ7hY7KrF8nuhbt9Ygd75IBIMTqhZ QsQlAUZ8UU7q9vVPZCZFb89ks5WyRm8O7Kdn5wzEx1Egas1/jfUzfMOUYTEl0nfM iOk0Q0pFpbwQ+9vWZBMWYTVHXUi8jabBbJcM4g9xVzlDk2mqTVaimnFXfl28Y3aK D8ul9kVTrOOX/jutkY46hdLOhmGo52oHDW5qiJtQL49QzC+Qm3o=
    =p+RC
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)