This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 806262 - bouncycastle-1.48 is available
bouncycastle-1.48 is available
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: bouncycastle (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Juan Hernández
Fedora Extras Quality Assurance
: FutureFeature, Reopened, Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-23 07:05 EDT by Upstream Release Monitoring
Modified: 2013-02-22 08:18 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-02-22 05:22:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
incomplete patch for itext using bc-1.47 (32.76 KB, patch)
2013-02-22 08:18 EST, Orcan Ogetbil
no flags Details | Diff

  None (edit)
Description Upstream Release Monitoring 2012-03-23 07:05:05 EDT
Latest upstream release: 1.47
Current version in Fedora Rawhide: 1.46
URL: http://www.bouncycastle.org/

Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy

More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Comment 1 Orcan Ogetbil 2012-05-08 22:29:47 EDT
Hi spot, 

thanks for updating bouncycastle to 1.47 in rawhide, but there were good reasons for me to keep it at 1.46. Mainly, we cannot update one of the main users of this package, itext, due to legal issues, and our version of itext needs bouncycastle-1.46 or earlier. Please see the discussion [1] and the links therein for the FE-Legal response for updating itext.

Bouncycastle made major API changes between 1.46 and 1.47. While I was able to port big parts of the itext code to the 1.47, I realized that some needed parts of the bouncycastle library were removed entirely. The 1.47 update has another problem with the change of these package names, e.g. bouncycastle-tsp does not exist for 1.47 and its contents are distributed into other packages currently unavailable at Fedora. So a careful consideration and planning (including new package review requests) is required really for this update.


I did not check, but the 1.47 update might also cause problems with other bouncycastle users.

To this end, I will be downgrading bouncycastle to 1.46 in rawhide unless you have an objection.

By the way, the bouncycastle suite consists of 3 packages: bounycastle, bounycastle-mail, bounycastle-tsp. The other two packages will also need to be rebuilt with the original tarballs. 


[1] http://lists.fedoraproject.org/pipermail/legal/2011-June/001653.html
Comment 2 Orcan Ogetbil 2012-05-08 22:43:22 EDT
I just removed the 'f18' tag from the build before the next rawhide compose. So we can get away with not using the epoch.
Comment 3 Tom "spot" Callaway 2012-05-09 09:31:17 EDT
Sorry about that! Feel free to sync the changes from f17 into rawhide instead.
Comment 4 Orcan Ogetbil 2012-05-09 19:47:48 EDT
Not a problem. I rebuilt bouncycastle-mail with the upstream tarball on F16+ and appended it to the bouncycastle update in bodhi. Apparently bouncycastle-tsp does not need a rebuild since it is using the upstream tarball already.
Comment 5 Fedora Update System 2012-05-10 08:08:18 EDT
bouncycastle-pg-1.46-7.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/bouncycastle-pg-1.46-7.fc17
Comment 6 Orcan Ogetbil 2012-05-10 08:28:37 EDT
The above update is not a "fix" for this bug report. Reverting status from MODIFIED to NEW.
Comment 7 Fedora Update System 2012-05-10 16:38:44 EDT
Package bouncycastle-pg-1.46-7.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing bouncycastle-pg-1.46-7.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-7612/bouncycastle-pg-1.46-7.fc17
then log in and leave karma (feedback).
Comment 8 Fedora Update System 2012-05-26 03:54:13 EDT
bouncycastle-pg-1.46-7.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Orcan Ogetbil 2012-05-26 10:50:13 EDT
Again, this update is not related to the bug. Reopening.
Comment 10 Upstream Release Monitoring 2013-02-11 07:10:59 EST
Latest upstream release: 1.48
Current version in Fedora Rawhide: 1.46
URL: http://www.bouncycastle.org/

Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy

More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring
Comment 11 Fedora Admin XMLRPC Client 2013-02-22 04:46:48 EST
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 12 Tom "spot" Callaway 2013-02-22 05:22:35 EST
Updated to 1.48 in rawhide. If itext can't use it, then someone should package bouncycastle146.
Comment 13 Orcan Ogetbil 2013-02-22 08:16:34 EST
I am fine with that as I don't maintain itext and bouncycastle* anymore.

But this is a lot of work.

spot: 
Just updating bouncycastle to 1.48 is not good. You need to update also bouncycastle-mail and bouncycastle-tsp to 1.48. Unfortunately bouncycastle-tsp is renamed by upstream to bouncycastle-pkix, A new review request is required.

After this is done, as spot says one needs to package bouncycastle146, bouncycastle-mail146, and bouncycastle-tsp146; and patch itext to use them instead. Alternatively one can fix itext to use bouncycastle-1.48. I am attaching a (incomplete) patch that ports itext to bouncycastle-1.47 API. I don't know if there are API changes between 1.47 and 1.48.

The new maintainer can use this as a starting point. Also CCing the new itext maintainer.
Comment 14 Orcan Ogetbil 2013-02-22 08:18:08 EST
Created attachment 701191 [details]
incomplete patch for itext using bc-1.47

Note You need to log in before you can comment on or make changes to this bug.