You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa bouncycastle

Sigurnosni nedostatak programskog paketa bouncycastle

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2016-01-04 16:02:44.028206

Name : bouncycastle
Product : Fedora 22
Version : 1.50
Release : 8.fc22
Summary : Bouncy Castle Crypto Package for Java
Description :
The Bouncy Castle Crypto package is a Java implementation of cryptographic
algorithms. The package is organized so that it contains a light-weight API
suitable for use in any environment (including the newly released J2ME) with
the additional infrastructure to conform the algorithms to the JCE framework.

Update Information:

Security fix for CVE-2015-7940

[ 1 ] Bug #1276272 – CVE-2015-7940 bouncycastle: Invalid curve attack allowing to extract private keys

This update can be installed with the “yum” update program. Use
su -c ‘yum update bouncycastle’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorMarko Stanec
Cert idNCERT-REF-2016-01-0013-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa jenkins

Otkriveni su sigurnosni nedostaci u programskom paketu jenkins za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje XSS, CSRF...