Hello community,
here is the log from the commit of package bouncycastle for openSUSE:Factory
checked in at 2020-07-30 09:56:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/bouncycastle (Old)
and /work/SRC/openSUSE:Factory/.bouncycastle.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "bouncycastle"
Thu Jul 30 09:56:23 2020 rev:27 rq:823297 version:1.66
Changes:
--------
--- /work/SRC/openSUSE:Factory/bouncycastle/bouncycastle.changes
2020-05-01 11:08:26.727207062 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bouncycastle.changes
2020-07-30 09:57:19.323086018 +0200
@@ -1,0 +2,51 @@
+Tue Jul 28 18:50:39 UTC 2020 - Pedro Monreal <pmonr...@suse.com>
+
+- Version update to 1.66
+ * Defects Fixed:
+ - EdDSA verifiers now reset correctly after rejecting overly long
signatures.
+ - BCJSSE: SSLSession.getPeerCertificateChain could throw
NullPointerException.
+ - qTESLA-I verifier would reject some valid signatures.
+ - qTESLA verifiers now reject overly long signatures.
+ - PGP regression caused failure to preserve existing version header when
+ headers were reset.
+ - PKIXNameConstraintValidator had a bad cast preventing use of multiple
+ OtherName constraints.
+ - Serialisation of the non-CRT RSA Private Key could cause a
NullPointerException.
+ - An extra 4 bytes was included in the start of HSS public key encodings.
+ - CMS with Ed448 using a direct signature was using id-shake256-len
+ rather than id-shake256.
+ - Use of GCMParameterSpec could cause an AccessControlException under
+ some circumstances.
+ - DTLS: Fixed high-latency HelloVerifyRequest handshakes.
+ - An encoding bug for rightEncoded() in KMAC has been fixed.
+ - For a few values the cSHAKE implementation would add unnecessary pad
bytes
+ where the N and S strings produced encoded data that was block aligned.
+ - There were a few circumstances where Argon2BytesGenerator might hit an
+ unexpected null. These have been removed.
+ * Additional Features and Functionality
+ - The qTESLA signature algorithm has been updated to v2.8 (20191108).
+ - BCJSSE: Client-side OCSP stapling now supports status_request_v2
extension.
+ - Support has been added for "ocsp.enable", "ocsp.responderURL" and
+ PKIXRevocationChecker for users of Java 8 and later.
+ - Support has been added for "org.bouncycastle.x509.enableCRLDP" to the
PKIX validator.
+ - BCJSSE: Now supports system property 'jsse.enableFFDHE'
+ - BCJSSE: Now supports system properties 'jdk.tls.client.SignatureSchemes'
+ and 'jdk.tls.server.SignatureSchemes'.
+ - Multi-release support has been added for Java 11 XECKeys.
+ - Multi-release support has been added for Java 15 EdECKeys.
+ - The MiscPEMGenerator will now output general PrivateKeyInfo structures.
+ - A new property "org.bouncycastle.pkcs8.v1_info_only" has been added to
+ make the provider only produce version 1 PKCS8 PrivateKeyInfo structures.
+ - The PKIX CertPathBuilder will now take the target certificate from the
target
+ constraints if a specific certificate is given to the selector.
+ - BCJSSE: A range of ARIA and CAMELLIA cipher suites added to supported
list.
+ - BCJSSE: Now supports the PSS signature schemes from RFC 8446 (TLS 1.2
onwards).
+ - Performance of the Base64 encoder has been improved.
+ - The PGPPublicKey class will now include direct key signatures when
checking
+ for key expiry times.
+ * NOTES:
+ - The qTESLA update breaks compatibility with previous versions.
+ Private keys now include a hash of the public key at the end,
+ and signatures are no longer interoperable with previous versions.
+
+-------------------------------------------------------------------
Old:
----
bcmail-jdk15on-1.65.pom
bcpg-jdk15on-1.65.pom
bcpkix-jdk15on-1.65.pom
bcprov-jdk15on-1.65.pom
bctls-jdk15on-1.65.pom
r1rv65.tar.gz
New:
----
bcmail-jdk15on-1.66.pom
bcpg-jdk15on-1.66.pom
bcpkix-jdk15on-1.66.pom
bcprov-jdk15on-1.66.pom
bctls-jdk15on-1.66.pom
r1rv66.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ bouncycastle.spec ++++++
--- /var/tmp/diff_new_pack.hLkqi0/_old 2020-07-30 09:57:26.055087365 +0200
+++ /var/tmp/diff_new_pack.hLkqi0/_new 2020-07-30 09:57:26.055087365 +0200
@@ -16,9 +16,9 @@
#
-%global ver 1.65
-%global shortver 165
-%global gittag r1rv65
+%global ver 1.66
+%global shortver 166
+%global gittag r1rv66
%global archivever jdk15on-%{shortver}
%global classname org.bouncycastle.jce.provider.BouncyCastleProvider
Name: bouncycastle
++++++ bcmail-jdk15on-1.65.pom -> bcmail-jdk15on-1.66.pom ++++++
--- /work/SRC/openSUSE:Factory/bouncycastle/bcmail-jdk15on-1.65.pom
2020-05-01 11:08:25.167203670 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bcmail-jdk15on-1.66.pom
2020-07-30 09:57:01.815082516 +0200
@@ -5,8 +5,8 @@
<artifactId>bcmail-jdk15on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle S/MIME API</name>
- <version>1.65</version>
- <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME
protocols. This jar contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can
be used in conjunction with a JCE/JCA provider such as the one provided with
the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation
framework will also be needed.</description>
+ <version>1.66</version>
+ <description>The Bouncy Castle Java S/MIME APIs for handling S/MIME
protocols. This jar contains S/MIME APIs for JDK 1.5 and up. The APIs can be
used in conjunction with a JCE/JCA provider such as the one provided with the
Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation
framework will also be needed.</description>
<url>http://www.bouncycastle.org/java.html</url>
<licenses>
<license>
@@ -33,13 +33,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.65</version>
+ <version>1.66</version>
<type>jar</type>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
- <version>1.65</version>
+ <version>1.66</version>
<type>jar</type>
</dependency>
</dependencies>
++++++ bcpg-jdk15on-1.65.pom -> bcpg-jdk15on-1.66.pom ++++++
--- /work/SRC/openSUSE:Factory/bouncycastle/bcpg-jdk15on-1.65.pom
2020-05-01 11:08:25.459204305 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bcpg-jdk15on-1.66.pom
2020-07-30 09:57:04.211082995 +0200
@@ -5,8 +5,8 @@
<artifactId>bcpg-jdk15on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle OpenPGP API</name>
- <version>1.65</version>
- <description>The Bouncy Castle Java API for handling the OpenPGP protocol.
This jar contains the OpenPGP API for JDK 1.5 to JDK 1.8. The APIs can be used
in conjunction with a JCE/JCA provider such as the one provided with the Bouncy
Castle Cryptography APIs.</description>
+ <version>1.66</version>
+ <description>The Bouncy Castle Java API for handling the OpenPGP protocol.
This jar contains the OpenPGP API for JDK 1.5 and up. The APIs can be used in
conjunction with a JCE/JCA provider such as the one provided with the Bouncy
Castle Cryptography APIs.</description>
<url>http://www.bouncycastle.org/java.html</url>
<licenses>
<license>
@@ -38,7 +38,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.65</version>
+ <version>1.66</version>
<type>jar</type>
</dependency>
</dependencies>
++++++ bcpkix-jdk15on-1.65.pom -> bcpkix-jdk15on-1.66.pom ++++++
--- /work/SRC/openSUSE:Factory/bouncycastle/bcpkix-jdk15on-1.65.pom
2020-05-01 11:08:25.723204879 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bcpkix-jdk15on-1.66.pom
2020-07-30 09:57:07.499083653 +0200
@@ -5,8 +5,8 @@
<artifactId>bcpkix-jdk15on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF
APIs</name>
- <version>1.65</version>
- <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF,
OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK
1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the
one provided with the Bouncy Castle Cryptography APIs.</description>
+ <version>1.66</version>
+ <description>The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF,
OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up.
The APIs can be used in conjunction with a JCE/JCA provider such as the one
provided with the Bouncy Castle Cryptography APIs.</description>
<url>http://www.bouncycastle.org/java.html</url>
<licenses>
<license>
@@ -33,7 +33,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.65</version>
+ <version>1.66</version>
<type>jar</type>
</dependency>
</dependencies>
++++++ bcprov-jdk15on-1.65.pom -> bcprov-jdk15on-1.66.pom ++++++
--- /work/SRC/openSUSE:Factory/bouncycastle/bcprov-jdk15on-1.65.pom
2020-05-01 11:08:26.143205792 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bcprov-jdk15on-1.66.pom
2020-07-30 09:57:10.591084272 +0200
@@ -5,8 +5,8 @@
<artifactId>bcprov-jdk15on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle Provider</name>
- <version>1.65</version>
- <description>The Bouncy Castle Crypto package is a Java implementation of
cryptographic algorithms. This jar contains JCE provider and lightweight API
for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.</description>
+ <version>1.66</version>
+ <description>The Bouncy Castle Crypto package is a Java implementation of
cryptographic algorithms. This jar contains JCE provider and lightweight API
for the Bouncy Castle Cryptography APIs for JDK 1.5 and up.</description>
<url>http://www.bouncycastle.org/java.html</url>
<licenses>
<license>
++++++ bctls-jdk15on-1.65.pom -> bctls-jdk15on-1.66.pom ++++++
--- /work/SRC/openSUSE:Factory/bouncycastle/bctls-jdk15on-1.65.pom
2020-05-01 11:08:26.427206410 +0200
+++ /work/SRC/openSUSE:Factory/.bouncycastle.new.3592/bctls-jdk15on-1.66.pom
2020-07-30 09:57:13.123084778 +0200
@@ -5,7 +5,7 @@
<artifactId>bctls-jdk15on</artifactId>
<packaging>jar</packaging>
<name>Bouncy Castle JSSE provider and TLS/DTLS API</name>
- <version>1.65</version>
+ <version>1.66</version>
<description>The Bouncy Castle Java APIs for TLS and DTLS, including a
provider for the JSSE.</description>
<url>http://www.bouncycastle.org/java.html</url>
<licenses>
@@ -33,7 +33,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.65</version>
+ <version>1.66</version>
<type>jar</type>
</dependency>
</dependencies>
++++++ r1rv65.tar.gz -> r1rv66.tar.gz ++++++
/work/SRC/openSUSE:Factory/bouncycastle/r1rv65.tar.gz
/work/SRC/openSUSE:Factory/.bouncycastle.new.3592/r1rv66.tar.gz differ: char
30, line 2
