K 10
svn:author
V 5
eugen
K 8
svn:date
V 27
2017-12-29T09:21:11.590933Z
K 7
svn:log
V 1276
bouncycastle15: update to version 1.59

This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS when RSA key exchange is negotiated. This potentially affected BCJSSE servers and any other TLS servers configured to use JCE for the underlying crypto - note the two TLS implementations using the BC lightweight APIs are not affected by this.

Some of additional fixes, features and functionality:

* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted in private key info objects; GOST3412-2015 has been added to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and in the PKCS8 APIs.
* The BCJSSE provider now supports Server Name Indication, session resumption in clients, the jdk.tls.namedGroups and org.bouncycastle.jsse.ec.disableChar2 system properties.
* ECGOST-2012 public keys were being encoded with the wrong OID for the digest parameter in the algorithm parameter set. This has been fixed.
* The BCJSSE SSLEngine implementation now correctly wraps/unwraps application data only in whole records.

Further details on other additions and bug fixes can be found in the release notes at: https://www.bouncycastle.org/releasenotes.html

Security: CVE-2017-13098
END