notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Port details
bouncycastle15 Cleanroom build of Java Cryptography Extensions
1.61_1 java on this many watch lists=0 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port 1.61Version of this port present on the latest quarterly branch.
Maintainer: eugen@FreeBSD.org search for ports maintained by this maintainer
Port Added: 2016-07-29 11:24:02
Last Update: 2019-04-03 19:07:41
SVN Revision: 497741
Also Listed In: security
License: MIT
Description:
SVNWeb : Homepage
pkg-plist: as obtained via: make generate-plist
Expand this list (14 items)
  1. /usr/local/share/licenses/bouncycastle15-1.61_1/catalog.mk
  2. /usr/local/share/licenses/bouncycastle15-1.61_1/LICENSE
  3. /usr/local/share/licenses/bouncycastle15-1.61_1/MIT
  4. share/java/classes/bcmail.jar
  5. share/java/classes/bcpg.jar
  6. share/java/classes/bcpkix.jar
  7. share/java/classes/bcprov.jar
  8. share/java/classes/bcprov-ext.jar
  9. share/java/classes/bctest.jar
  10. share/java/classes/bctls.jar
  11. share/bouncycastle/bcmail-src.zip
  12. share/bouncycastle/bcpg-src.zip
  13. share/bouncycastle/bcpkix-src.zip
  14. share/bouncycastle/bcprov-src.zip
Collapse this list.
Dependency lines:
  • bouncycastle15>0:java/bouncycastle15
Conflicts:
CONFLICTS_INSTALL:
  • bouncycastle-1.4*
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port: cd /usr/ports/java/bouncycastle15/ && make install clean
To add the package: pkg install bouncycastle15
PKGNAME: bouncycastle15
Flavors: there is no flavor information for this port.
distinfo:

Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. mail.jar : java/javamail
  2. junit.jar : java/junit
  3. java : java/openjdk8
  4. ant : devel/apache-ant
Runtime dependencies:
  1. mail.jar : java/javamail
  2. java : java/openjdk8
This port is required by:
for Run
  1. print/pdfbox

Configuration Options

USES:

Master Sites:
  1. http://polydistortion.net/bc/download/
  2. http://www.bouncycastle.org/download/

Number of commits found: 13

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
03 Apr 2019 18:07:41
Original commit files touched by this commit  1.61_1
Revision:497741
eugen search for other commits by this committer
java/bouncycastle15: install signed bcprov.jar

Previous revision 497549 switched to install bcprov.jar build from sources
instead of bundled version. However, the bundled version of JAR file is signed
that is essential as is provides an implementation of a Provider
in the Java Cryptography Architecture. For details, refer to
https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/HowToImplAProvider.html

Partially back out that revision to install bundled bcprov.jar as before.

Thanks to Alex Dupre for reporting this.

Reported by:	ale
02 Apr 2019 06:57:19
Original commit files touched by this commit  1.61
Revision:497549
eugen search for other commits by this committer
java/bouncycastle15: update to version 1.61

This release adds support for the qTESLA signature alogirithm
and the password hashing algorithm Argon2. Support for endpoint
ID validation has been added to the BCJSSE, and the TLS/BCJSEE API's
journey to TLS 1.3 has continued.

Support has been added to the provider for the Ed25519 and Ed448
signature algorithms and provider support has also been added
for X25519 and X448.

A new API for directly parsing and creating S/MIME documents has been added
to the PKIX APIs. In terms of bug fixes, the TLS api will now tolerate
unrecognized hash algorithms and SNI types.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
16 Jul 2018 16:59:25
Original commit files touched by this commit  1.60_1
Revision:474750
ale search for other commits by this committer
Remove java/jaf port, since the Java Activation Framework is included by
default in the JRE since Java 6 and we don't support Java 5 anymore.

Reviewed by:	eugen
15 Jul 2018 15:00:50
Original commit files touched by this commit  1.60
Revision:474695
eugen search for other commits by this committer
bouncycastle15: update to version 1.60

This release deals with two CVEs: one affecting RSA key pair generation
where the certainty value is being tweaked in the light-weight API,
and the other on properly validating an XMSS/XMSS^MT private key on reload.

In terms of improvements, the BCJSSE now supports SNI,
CMS now supports SHA-3 signatures, the Unified Model is now fully supported
for Diffie-Hellman with ephemeral keys, and PGP EC operations can support
a wider range of curves. Issues have also been fixed in EST,
CRMF request generation, and low-level support has been added for EdDSA.

Further details on other additions and bug fixes can be found in the
release notes at:

https://www.bouncycastle.org/releasenotes.html

Security:	CVE-2018-1000180
Security:	CVE-2018-1000613
MFH:		2018Q3
29 Dec 2017 09:21:11
Original commit files touched by this commit  1.59
Revision:457500 This port version is marked as vulnerable.
eugen search for other commits by this committer
bouncycastle15: update to version 1.59

This release fixes CVE-2017-13098 ("ROBOT"), a Bleichenbacher oracle in TLS
when RSA key exchange is negotiated. This potentially affected BCJSSE servers
and any other TLS servers configured to use JCE for the underlying crypto -
note the two TLS implementations using the BC lightweight APIs
are not affected by this.

Some of additional fixes, features and functionality:

* GOST3410-94 private keys encoded using ASN.1 INTEGER are now accepted
  in private key info objects; GOST3412-2015 has been added
  to the JCE provider and the lightweight API.
* SCRYPT is now supported as a SecretKeyFactory in the provider and
  in the PKCS8 APIs.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
10 Oct 2017 21:31:30
Original commit files touched by this commit  1.58
Revision:451721 This port version is marked as vulnerable.
linimon search for other commits by this committer
For ports that are explicitly enabled on armv6, also enable them
on armv7.  This has not been tested with an -exp run but should
"do no harm".

PR:		221894 (partial)
22 Aug 2017 16:51:42
Original commit files touched by this commit  1.58
Revision:448566 This port version is marked as vulnerable.
eugen search for other commits by this committer
Update to version 1.58

The main focus in this release is on features. Considerable work has
been done on improving the TLS/DTLS API and the BCJSSE. Support for
ECGOST3410-2012 has been added for both signing and key
agreement/exchange. The DSTU-7564 digest and DSTU-7624 (Kalyna) cipher
have also been added. Support for XMSS and XMSS^MT has been added to the
BCPQC provider and certificate support for the BCPQC algorithms is much
improved.

Further details on other additions and bug fixes can be found in the
release notes at:

https://www.bouncycastle.org/releasenotes.html
11 Jul 2017 05:38:31
Original commit files touched by this commit  1.57
Revision:445468 This port version is marked as vulnerable.
eugen search for other commits by this committer
Fix build of java/bouncycastle15 on armv6:
remove fork="true" in javac and fork="yes" in junit tasks (ant/bc+-build.xml)

Original report:

  If java/bouncycastle15 is build on armv6 with openjdk18, the build stops with
  This command is not for general use and should only be run as the result of a
call to ProcessBuilder.start() or Runtime.exec() in a java application

PR:		220612
Submitted by:	Gerrit Beine <mail+freebsd@gerritbeine.de> (based on)
Approved by:	az (mentor)
20 May 2017 17:41:42
Original commit files touched by this commit  1.57
Revision:441324 This port version is marked as vulnerable.
eugen search for other commits by this committer
Update java/bouncycastle15 upto 1.57
11 Mar 2017 18:54:46
Original commit files touched by this commit  1.56
Revision:435952 This port version is marked as vulnerable.
eugen search for other commits by this committer
Switch MAINTAINER to my new account for my ports.

Reviewed by:	az

M    devel/py-application/Makefile
M    devel/py-xcaplib/Makefile
M    java/bouncycastle15/Makefile
M    net/py-msrplib/Makefile
27 Dec 2016 16:37:39
Original commit files touched by this commit  1.56
Revision:429629 This port version is marked as vulnerable.
pi search for other commits by this committer
java/bouncycastle15: update 1.55 -> 1.56

port changes:
- upstream updated list of its MASTER_SITES (bouncycastle.gva.es
  is gone, downloads.bouncycastle.org changed to www.bouncycastle.org);
- pkg-descr updated to reflect current features;
- installation of zipped bundled sources made optional, enabled by
  default to match previous behavior.

Some of new version changes:
- a new API for DTLS/TLS and a JSSE provider suitable for Java 5 and later;
- support for RFC 7539 ChaCha20 and Poly1305 has also been added
  and general support for SHA-3 in the PKIX APIs has been improved;

Full details of the release:

PR:		215507
Changes:	https://www.bouncycastle.org/releasenotes.html
Security:       CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340,
		CVE-2016-1000341, CVE-2016-1000342, CVE-2016-1000343,
		CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346,
		CVE-2016-1000352
Submitted by:	Eugene Grosbein <ports@grosbein.net> (maintainer)
25 Aug 2016 10:35:41
Original commit files touched by this commit  1.55
Revision:420839 This port version is marked as vulnerable.
amdmi3 search for other commits by this committer
- Update to 1.55

PR:		212133
Submitted by:	ports@grosbein.net (maintainer)
29 Jul 2016 11:23:55
Original commit files touched by this commit  1.54
Revision:419237 This port version is marked as vulnerable.
vsevolod search for other commits by this committer
Version 1.54 of the Bouncy Castle Crypto APIs.

The FreeBSD Ports Collection already has 1.45 version of the Bouncy Castle and
this new port is based on java/bouncycastle.

Newer versions are not API-compatible with that older one. Some say they should
be given 2.x version numbers. So, this new version comes as distinct port
java/bouncycastle15 instead of update for existing java/bouncycastle15 to keep
old API version available.

This is neccessary dependency for other port updates, e.g. newer version of
iText PDF (devel/itext) requires new API of modern Bouncy Castle versions.

PR:		211316
Submitted by:	Eugen Grosbein <eugen=at=grosbein.net>

Number of commits found: 13

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
py-pillowOct 15
mod_perl2Oct 09
xpdfOct 06
xpdf3Oct 06
xpdf4Oct 06
unboundOct 03
cactiOct 02
gitlab-ceOct 02
gitlab-ceOct 02
ruby24Oct 02
ruby25Oct 02
mongodb34Sep 30
mongodb34Sep 30
mongodb36Sep 30
mongodb36Sep 30

8 vulnerabilities affecting 24 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-10-15 15:43:31


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 37997
Broken 396
Deprecated 425
Ignore 662
Forbidden 3
Restricted 160
No CDROM 74
Vulnerable 30
Expired 8
Set to expire 396
Interactive 0
new 24 hours 6
new 48 hours8
new 7 days27
new fortnight61
new month231

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.