Candidate: CVE-2016-1000352
PublicDate: 2018-06-04 21:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352
Description:
 In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES
 implementation allowed the use of ECB mode. This mode is regarded as unsafe
 and support for it has been removed from the provider.
Ubuntu-Description:
Notes:
 mdeslaur> This is an intrusive change to introduce to Ubuntu 14.04 LTS.
 mdeslaur> Marking as ignored.
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N [7.4 HIGH]


Patches_bouncycastle:
 upstream: https://github.com/bcgit/bc-java/commit/9385b0ebd277724b167fe1d1456e3c112112be1f
upstream_bouncycastle: released (1.56-1)
precise/esm_bouncycastle: DNE
trusty_bouncycastle: ignored
trusty/esm_bouncycastle: DNE (trusty was ignored)
xenial_bouncycastle: ignored (end of standard support, was needed)
artful_bouncycastle: not-affected (1.57-1)
bionic_bouncycastle: not-affected (1.59-1)
cosmic_bouncycastle: not-affected (1.60-1)
disco_bouncycastle: not-affected (1.60-1)
eoan_bouncycastle: not-affected (1.60-1)
focal_bouncycastle: not-affected (1.60-1)
groovy_bouncycastle: not-affected (1.60-1)
hirsute_bouncycastle: not-affected (1.60-1)
impish_bouncycastle: not-affected (1.60-1)
jammy_bouncycastle: not-affected (1.60-1)
devel_bouncycastle: not-affected (1.60-1)