CVE-2016-1000352
Published: 4 June 2018
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.
Priority
Medium
CVSS 3 base score: 7.4
Status
| Package | Release | Status |
|---|---|---|
|
bouncycastle Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(1.57-1)
|
| bionic |
Not vulnerable
(1.59-1)
|
|
| cosmic |
Not vulnerable
(1.60-1)
|
|
| disco |
Not vulnerable
(1.60-1)
|
|
| eoan |
Not vulnerable
(1.60-1)
|
|
| focal |
Not vulnerable
(1.60-1)
|
|
| groovy |
Not vulnerable
(1.60-1)
|
|
| hirsute |
Not vulnerable
(1.60-1)
|
|
| impish |
Not vulnerable
(1.60-1)
|
|
| jammy |
Not vulnerable
(1.60-1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
(trusty was ignored)
|
|
| upstream |
Released
(1.56-1)
|
|
| xenial |
Ignored
(end of standard support, was needed)
|
Notes
| Author | Note |
|---|---|
| mdeslaur | This is an intrusive change to introduce to Ubuntu 14.04 LTS. Marking as ignored. |