Information on source package bouncycastle

Available versions

ReleaseVersion
jessie1.49+dfsg-3+deb8u3
stretch1.56-1+deb9u4
stretch (security)1.56-1+deb9u3
buster1.60-1+deb10u1
bullseye1.68-2
bookworm1.72-2
trixie1.77-1
sid1.77-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-34447vulnerable (no DSA, postponed)vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in Bouncy Castle Java Cryptography APIs before ...
CVE-2024-30172vulnerable (no DSA, postponed)vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in Bouncy Castle Java Cryptography APIs before ...
CVE-2024-30171vulnerable (no DSA, postponed)vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in Bouncy Castle Java TLS API and JSSE Provide ...
CVE-2024-29857vulnerable (no DSA, postponed)vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castl ...
CVE-2023-33202vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA)vulnerable (no DSA)fixedfixedBouncy Castle for Java before 1.73 contains a potential Denial of Serv ...
CVE-2023-33201vulnerable (no DSA, postponed)fixedfixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedBouncy Castle For Java before 1.74 is affected by an LDAP injection vu ...
CVE-2020-26939fixedfixedvulnerable (no DSA)fixedfixedfixedfixedIn Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1. ...
CVE-2020-15522vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedBouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA bef ...
CVE-2016-1000352vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedIn the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES i ...
CVE-2016-1000344vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedIn the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES i ...

Resolved issues

BugDescription
CVE-2020-28052An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 an ...
CVE-2019-17359The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigge ...
CVE-2018-1000613Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptogra ...
CVE-2018-1000180Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier h ...
CVE-2018-5382The default BKS keystore use an HMAC that is only 16 bits long, which ...
CVE-2017-13098BouncyCastle TLS prior to version 1.0.3, when configured to use the JC ...
CVE-2016-1000346In the Bouncy Castle JCE Provider version 1.55 and earlier the other p ...
CVE-2016-1000345In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/E ...
CVE-2016-1000343In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key ...
CVE-2016-1000342In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does ...
CVE-2016-1000341In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signatu ...
CVE-2016-1000340In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propa ...
CVE-2016-1000339In the Bouncy Castle JCE Provider version 1.55 and earlier the primary ...
CVE-2016-1000338In Bouncy Castle JCE Provider version 1.55 and earlier the DSA does no ...
CVE-2015-7940The Bouncy Castle Java library before 1.51 does not validate a point i ...
CVE-2015-6644Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 ...
CVE-2014-3566The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other prod ...
CVE-2013-1624The TLS implementation in the Bouncy Castle Java library before 1.48 a ...
CVE-2013-0169The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as use ...
CVE-2011-3389The SSL protocol, as used in certain configurations in Microsoft Windo ...
CVE-2007-6721The Legion of the Bouncy Castle Java Cryptography API before release 1 ...

Security announcements

DSA / DLADescription
DLA-3514-1bouncycastle - security update
ELA-913-1bouncycastle - security update
DLA-2433-1bouncycastle - security update
DLA-1418-1bouncycastle - security update
DSA-4233-1bouncycastle - security update
DSA-4072-1bouncycastle - security update
DSA-3829-1bouncycastle - security update
DLA-893-1bouncycastle - security update
DSA-3417-1bouncycastle - security update
DLA-361-1bouncycastle - security update

Search for package or bug name: Reporting problems