CVE-2015-6644

Published: 06 January 2016

Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.

Priority

Low

CVSS 3 base score: 3.3

Status

Package Release Status
bouncycastle
Launchpad, Ubuntu, Debian
Upstream
Released (1.56-1)
Ubuntu 21.10 (Impish Indri) Not vulnerable
(1.56-1)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(1.56-1)
Ubuntu 20.04 LTS (Focal Fossa) Not vulnerable
(1.56-1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(1.56-1)
Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(end of standard support, was needed)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was released [1.49+dfsg-2ubuntu0.1])
Patches:
Vendor: https://gist.github.com/apoleon/56c92d38b767d3489e90c5df9304fc8f