Skip to content

Bump bcprov-ext-jdk15on from 1.61 to 1.62 #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot-preview wants to merge 1 commit into from
Closed

Bump bcprov-ext-jdk15on from 1.61 to 1.62 #9

dependabot-preview wants to merge 1 commit into from

Conversation

@dependabot-preview
Copy link

@dependabot-preview dependabot-preview bot commented Aug 29, 2019

Bumps bcprov-ext-jdk15on from 1.61 to 1.62.

Changelog

Sourced from bcprov-ext-jdk15on's changelog.

<title>Bouncy Castle Crypto Package - Release Notes</title>

Bouncy Castle Crypto Package - Release Notes





1.0 Introduction



The Bouncy Castle Crypto package is a Java implementation of 
cryptographic algorithms.  The package is organised so that it 
contains a light-weight API suitable for use in any environment
(including the J2ME) with the additional infrastructure
to conform the algorithms to the JCE framework.



2.0 Release History


2.1.1 Version

Release: 1.63

Date:      2019

2.1.2 Defects Fixed


    

  • The ASN.1 parser would throw a large object exception for some objects which could be safely parsed. This has been fixed.
    • 

  • GOST3412-2015 CTR mode was unusable at the JCE level. This has been fixed.
    • 

  • The DSTU MACs were failing to reset fully on doFinal(). This has been fixed.
    • 

  • The DSTU MACs would throw an exception if the key was a multiple of the size as the MAC's underlying buffer size. This has been fixed.
    • 

  • EdEC and QTESLA were not previously usable with the post Java 9 module structure. This is now fixed.

  • ECNR was not correctly bounds checking the input and could produce invalid signatures. This is now fixed.
    • 



2.1.3 Additional Features and Functionality


    

  • QTESLA is now updated with the round 2 changes. Note: the security catergories, and in some cases key generation and signatures, have changed. For people interested in comparison, the round 1 version is now moved to org.bouncycastle.pqc.crypto.qteslarnd1 - this package will be deleted in 1.64. Please keep in mind that QTESLA may continue to evolve.
    • 

  • Support has been added for generating Ed25519/Ed448 signed certificates.
    • 

  • A method for recovering the message/digest value from an ECNR signature has been added.
    • 

  • Support for the ZUC-128 and ZUC-256 ciphers and MACs has been added to the provider and the lightweight API.
    • 



2.2.1 Version

Release: 1.62

Date:      2019, June 3rd.

2.2.2 Defects Fixed


    
 ... (truncated)






Commits






Dependabot compatibility score


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.




Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.


You can always request more updates by clicking Bump now in your Dependabot dashboard.



Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:


    

  • @dependabot rebase will rebase this PR
    • 

  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • 

  • @dependabot merge will merge this PR after your CI passes on it
    • 

  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • 

  • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • 

  • @dependabot reopen will reopen this PR if it is closed
    • 

  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • 

  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • 

  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • 

  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • 

  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • 

  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • 

  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • 

  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • 

  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme
    • 



Additionally, you can set the following in your Dependabot dashboard:


    

  • Update frequency (including time of day and day of week)
    • 

  • Pull request limits (per update run and/or open at any time)
    • 

  • Out-of-range updates (receive only lockfile updates, if desired)
    • 

  • Security updates (receive only security updates, if desired)
    • 



Finally, you can contact us by mentioning @dependabot.



    

  
  



      


          

          
  
  

    
  
    
    

  

  

  



                    

          
        





  




      

       
            



      

  
        





      

  
            

    

      
    

    


      


          @dependabot-preview
dependabot-preview
bot



          added
  the 

  dependencies

  Pull requests that update a dependency file
 label


      Aug 29, 2019

    

  








      

  
      



  

  @dependabot-preview






  



    

      

  

    

      

          
    
    

  


        
            
  
      
              Copy link

  

        
      

    


    

        



        

  Author


    

  


  

    

      
          
      

      
            dependabot-preview
  bot

      

      

      commented


        Sep 17, 2019


      
    


  





      


        



  
    

      
          
Superseded by #12.


      		
    

  





        


            

            
            

              
            

        

      


      

            
  
  

    
  
    
    

  

  

  


    












      

  
            

    


  

  
  

  
      @dependabot-preview
  dependabot-preview
bot

    
    deleted the
    
      
        dependabot/maven/org.bouncycastle-bcprov-ext-jdk15on-1.62
    
    branch

    September 17, 2019 07:03    
    













  
  

    

      

  




      


    


    

      

        
      

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  



      

    

  




  
          



      

  

    
    

    

  

    Reviewers
  


    

    No reviews






    
    

    

  


      
  

    Assignees
  



        


    No one assigned







      


  


  

    Labels
  



    

      

    dependencies

  Pull requests that update a dependency file








      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
  

    Development
  



            


Successfully merging this pull request may close these issues.





  
  



      
    

  




      

    

  
      

  

    

      0 participants