Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210825
Summary: RSA signature forgery issues in BouncyCastle < 1.34
Product: Fedora Core
Version: fc5
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: normal
Component: java-1.4.2-gcj-compat
AssignedTo: fitzsim(a)redhat.com
ReportedBy: ville.skytta(a)iki.fi
CC: fedora-security-list(a)redhat.com
From BouncyCastle 1.34 release notes:
Security Advisory If you are using RSA with a public exponent of three you
must upgrade to this release if you want to avoid recent forgery attacks that
have been described against specific implementations of the RSA signature
algorithm.
java-1.4.2-gcj-compat in FC5 ship with BC 1.31 and may thus be affected.
--
Configure bugmail:
https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.