[Bug 210825] New: RSA signature forgery issues in BouncyCastle < 1.34
bugzilla at redhat.com
bugzilla at redhat.com
Sun Oct 15 20:48:45 UTC 2006
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210825
Summary: RSA signature forgery issues in BouncyCastle < 1.34
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: java-1.4.2-gcj-compat
AssignedTo: fitzsim at redhat.com
ReportedBy: ville.skytta at iki.fi
CC: fedora-security-list at redhat.com
>From BouncyCastle 1.34 release notes:
Security Advisory If you are using RSA with a public exponent of three you
must upgrade to this release if you want to avoid recent forgery attacks that
have been described against specific implementations of the RSA signature
algorithm.
java-1.4.2-gcj-compat in FC5 ship with BC 1.31 and may thus be affected.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the security
mailing list