Your submission was sent successfully! Close

CVE-2016-1000352

Published: 4 June 2018

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

Priority

Medium

CVSS 3 base score: 7.4

Status

Package Release Status
bouncycastle
Launchpad, Ubuntu, Debian
artful Not vulnerable
(1.57-1)
bionic Not vulnerable
(1.59-1)
cosmic Not vulnerable
(1.60-1)
disco Not vulnerable
(1.60-1)
eoan Not vulnerable
(1.60-1)
focal Not vulnerable
(1.60-1)
groovy Not vulnerable
(1.60-1)
hirsute Not vulnerable
(1.60-1)
impish Not vulnerable
(1.60-1)
jammy Not vulnerable
(1.60-1)
precise Does not exist

trusty Does not exist
(trusty was ignored)
upstream
Released (1.56-1)
xenial Ignored
(end of standard support, was needed)

Notes

AuthorNote
mdeslaur
This is an intrusive change to introduce to Ubuntu 14.04 LTS.
Marking as ignored.

References

Bugs