2024-04-29
1.78/1.78.1 is a mixture of security release and feature release. 4 CVEs are dealt with. In addition, a NullPointerException that could occur in the OcspCache has been fixed, PEM parsing is more forgiving of whitespace, and a small error in the CCM length check for large nonce sizes has been fixed. An issue in the BCJSSE that could cause problems with HSMs has been fixed, and GOST public key algorithm parameters now follow RFC 9215. By way of additions, NTRU now supports NTRU-HPS4096-1229 and NTRU-HRSS-1373, and the provider now supports Java 21's KEMSpi using NTRU and SNTRU Prime. Composite signatures have been brought into line with the latest RFC draft, support has been added for encryption key derivation using HKDF in CMS, and an implementation of the XWing Hybrid KEM construction has also been added. Finally, a new API supporting RFC 9420 "The Message Layer Security Protocol" has been added.
Further details on other additions and bug fixes can be found in the 1.78.1 and 1.78 release notes files accompanying the release.
Security Notes
Release 1.78 deals with the following CVEs:
Download 1.78.1 or learn more in the release notes: