Update about Release – Bouncy Castle Java FIPS 2.1.1

We would also like to inform you that official CVEs have now been issued for the Bouncy Castle Java FIPS 2.1.0, which were fixed in the Bouncy Castle Java FIPS 2.1.1 patch release.

This release included:

• Fixes for minor issues, see the release notes.
• Resolution of CVE-2025-9092, see:
  • NVD record: https://www.cvedetails.com/cve/CVE-2025-9092/
  • Bouncy Castle Wiki page: https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909092
• Resolution of CVE-2025-9340, see:
  • NVD record: https://www.cvedetails.com/cve/CVE-2025-9340/
  • Bouncy Castle Wiki page: https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909340
• Resolution of CVE-2025-9341, see:
  • NVD record: https://www.cvedetails.com/cve/CVE-2025-9341/
  • Bouncy Castle Wiki page: https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%909341

Download