Changelog for bouncycastle-fips-javadoc-1.0.2.4-150400.3.1.noarch.rpm :

* Mon Apr 29 2024 fstrbaAATTsuse.com- Update to upstream version 1.0.2.4
* Defects Fixed + BC-FJA-1.0.2.3-02: JCA aliases do not correctly reflect JCA attributes for supporting algorithm. This is now fixed. + BC-FJA-1.0.2.3-03: CVE-2022-45156 Java 13 garbage collector changes result in early finalisation of some keys under high loads with Java 17. This is now fixed. + BC-FJA-1.0.2.3-04: Default Locale may interfere with ASN.1 dates - module now attempts to identify an ASN.1 friendly locale now identified. + BC-FJA-1.0.2.3-05: CVE-2023-33202 Possible denial of service by within Bouncy Castle PEM parser class.
* Additions + End of 2023 transition for Triple-DES encryption. The provider blocks Triple-DES encryption. The following properties can be used to override the default behaviour: - org.bouncycastle.tripledes.allow_drbg (allow use with DRBGs) - org.bouncycastle.tripledes.allow_prf (allow use in KDFs) - org.bouncycastle.tripledes.allow_wrap (allow use with key wrapping) - org.bouncycastle.tripledes.allow_enc (allow Triple-DES encryption) + End of 2023 transition for RSA PKCS1.5 encryption. The provider blocks RSA with PKCS1.5 encryption. The following property can be used to override the default behaviour: - org.bouncycastle.rsa.allow_pkcs15_enc (allow use of PKCS1.5) + MD5 is now explicitly disabled in approved mode unless the property org.bouncycastle.jsse.enable_md5 is set to true. + Identification and use of system entropy source optimisations (elimination of possible exception throwing, configuration for thread local SecureRandom provider) + All secret key and private key types now provide support for Destroyable. + Hex.decodeStrict() added to Hex encoder.
* Thu May 19 2022 fstrbaAATTsuse.com- Initial packaging of BouncyCastle FIPS module 1.0.2.3