This release deals with two CVEs: one affecting RSA key pair generation
where the certainty value is being tweaked in the light-weight API,
and the other on properly validating an XMSS/XMSS^MT private key on reload.
In terms of improvements, the BCJSSE now supports SNI,
CMS now supports SHA-3 signatures, the Unified Model is now fully supported
for Diffie-Hellman with ephemeral keys, and PGP EC operations can support
a wider range of curves. Issues have also been fixed in EST,
CRMF request generation, and low-level support has been added for EdDSA.
Further details on other additions and bug fixes can be found in the
release notes at:
https://www.bouncycastle.org/releasenotes.html
Security: CVE-2018-1000180
Security: CVE-2018-1000613
MFH: 2018Q3
This is the FreeBSD Ports Collection. For an easy to use
WEB-based interface to it, please see:
https://www.FreeBSD.org/ports
For general information on the Ports Collection, please see the
FreeBSD Handbook ports section which is available from:
https://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/ports.html
for the latest official version
or:
The ports(7) manual page (man ports).
These will explain how to use ports and packages.
If you would like to search for a port, you can do so easily by
saying (in /usr/ports):
make search name="<name>"
or:
make search key="<keyword>"
which will generate a list of all ports matching <name> or <keyword>.
make search also supports wildcards, such as:
make search name="gtk*"
For information about contributing to FreeBSD ports, please see the Porter's
Handbook, available at:
https://www.FreeBSD.org/doc/en_US.ISO8859-1/books/porters-handbook/
NOTE: This tree will GROW significantly in size during normal usage!
The distribution tar files can and do accumulate in /usr/ports/distfiles,
and the individual ports will also use up lots of space in their work
subdirectories unless you remember to "make clean" after you're done
building a given port. /usr/ports/distfiles can also be periodically
cleaned without ill-effect.
a1b0b79573