Ubuntu Security Notice 3727-1 - It was discovered that Bouncy Castle incorrectly handled certain crypto algorithms. A remote attacker could possibly use these issues to obtain sensitive information, including private keys.
60e0e0a68a7a347593dfe99c12b72c05729ca8bcf40633b9aafc691863bb7acd==========================================================================
Ubuntu Security Notice USN-3727-1
August 01, 2018
bouncycastle vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Bouncy Castle.
Software Description:
- bouncycastle: Java implementation of cryptographic algorithms
Details:
It was discovered that Bouncy Castle incorrectly handled certain crypto
algorithms. A remote attacker could possibly use these issues to obtain
sensitive information, including private keys.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
libbcmail-java 1.49+dfsg-2ubuntu0.1
libbcpg-java 1.49+dfsg-2ubuntu0.1
libbcpkix-java 1.49+dfsg-2ubuntu0.1
libbcprov-java 1.49+dfsg-2ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/usn/usn-3727-1
CVE-2015-6644, CVE-2015-7940, CVE-2016-1000338, CVE-2016-1000339,
CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000345,
CVE-2016-1000346
Package Information:
https://launchpad.net/ubuntu/+source/bouncycastle/1.49+dfsg-2ubuntu0.1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed