jruby-openssl 0.15.4.pre1-java → 0.15.5-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8783369be714774eb17afb15310b6fb22d9f6df666682b86f2b5f8f13412fdec
-  data.tar.gz: 4ad8d8a5bfc0cbb0cb65fab31ff175960a2f2ad066d61a5807ca6bc9ebd47859
+  metadata.gz: cdaa4d0178493f8513475352340c08ebc227940a0952285378ef16b7447a6927
+  data.tar.gz: 2559085b52ffdc8f3c337dcef67647afae6d0b7b94e486a5423326e132534dc9
 SHA512:
-  metadata.gz: 7d8c46d86ccad8bfc0e9ceb8e7e40585f4ca8eebc59d8668ad0246abd472c80e448b45a20441c9e1dd49020bb57b0e70b0a15eccb1f2f5d31caf4479a4e9a942
-  data.tar.gz: 0b82ac3e94d8414400bad5adf316fea94c79491d9b0ce2a2549a3fd6fd6e9250706220fd315f6ad7ae1231805ca16266bf668b743cff66d99409f9d62fbd1600
+  metadata.gz: 4490359da0c9a05d948c10be73a8b229d8341f5109b81345640840a63fa58f169f8f1d18bdbf0ba0f0b85d0f24f4497688097ac587c88b327b6aab9624f93819
+  data.tar.gz: aec61c569dae2eddafcba83ec38e52c7da97d9798ee12f47606620a19bf5e51ca99fb01fba9f16b61eaf7c9924b40e7bb573619a07d0131d67a33d1e9817dd08

data/History.md

@@ -1,3 +1,25 @@
+## 0.15.5
+
+* [deps] upgrade BC to version 1.81
+* Improving completeness of ASN1 encoding/decoding (#335)
+* [fix] OpenSSL::X509::CRL#to_pem when building CRL from scratch (#163)
+* [fix] OpenSSL::ASN1::ASN1Data encoding/decoding compatibility (#265)
+
+## 0.15.4
+
+* Verify hostname by default
+
+This addresses **CVE-2025-46551** and **GHSA-72qj-48g4-5xgx**.
+
+Users can work around this by applying this patch manually to their
+own jruby-openssl and jruby installs, or by re-enabling hostname
+verification with the following code early in application boot:
+```ruby
+require 'openssl'
+
+OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:verify_hostname] = true
+```
+
 ## 0.15.3
 
 * [fix] keep curve name when group is set into another key

data/lib/jopenssl/version.rb

@@ -1,6 +1,6 @@
 module JOpenSSL
-  VERSION = '0.15.4.pre1'
-  BOUNCY_CASTLE_VERSION = '1.80'
+  VERSION = '0.15.5'
+  BOUNCY_CASTLE_VERSION = '1.81'
 end
 
 Object.class_eval do

data/pom.xml

@@ -11,7 +11,7 @@ DO NOT MODIFY - GENERATED CODE
   <modelVersion>4.0.0</modelVersion>
   <groupId>rubygems</groupId>
   <artifactId>jruby-openssl</artifactId>
-  <version>0.15.4.pre1-SNAPSHOT</version>
+  <version>0.15.5</version>
   <packaging>gem</packaging>
   <name>JRuby OpenSSL</name>
   <description>JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.</description>
@@ -60,7 +60,7 @@ DO NOT MODIFY - GENERATED CODE
     </snapshotRepository>
   </distributionManagement>
   <properties>
-    <bc.versions>1.80</bc.versions>
+    <bc.versions>1.81</bc.versions>
     <invoker.skip>${maven.test.skip}</invoker.skip>
     <invoker.test>${bc.versions}</invoker.test>
     <jruby.plugins.version>3.0.2</jruby.plugins.version>
@@ -77,22 +77,22 @@ DO NOT MODIFY - GENERATED CODE
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcprov-jdk18on</artifactId>
-      <version>1.80</version>
+      <version>1.81</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcpkix-jdk18on</artifactId>
-      <version>1.80</version>
+      <version>1.81</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bctls-jdk18on</artifactId>
-      <version>1.80</version>
+      <version>1.81</version>
     </dependency>
     <dependency>
       <groupId>org.bouncycastle</groupId>
       <artifactId>bcutil-jdk18on</artifactId>
-      <version>1.80</version>
+      <version>1.81</version>
     </dependency>
     <dependency>
       <groupId>org.jruby</groupId>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jruby-openssl
 version: !ruby/object:Gem::Version
-  version: 0.15.4.pre1
+  version: 0.15.5
 platform: java
 authors:
 - Karol Bucek
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-04-22 00:00:00.000000000 Z
+date: 2025-07-25 00:00:00.000000000 Z
 dependencies: []
 description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL
   native library.
@@ -41,10 +41,10 @@ files:
 - lib/openssl/pkey.rb
 - lib/openssl/ssl.rb
 - lib/openssl/x509.rb
-- lib/org/bouncycastle/bcpkix-jdk18on/1.80/bcpkix-jdk18on-1.80.jar
-- lib/org/bouncycastle/bcprov-jdk18on/1.80/bcprov-jdk18on-1.80.jar
-- lib/org/bouncycastle/bctls-jdk18on/1.80/bctls-jdk18on-1.80.jar
-- lib/org/bouncycastle/bcutil-jdk18on/1.80/bcutil-jdk18on-1.80.jar
+- lib/org/bouncycastle/bcpkix-jdk18on/1.81/bcpkix-jdk18on-1.81.jar
+- lib/org/bouncycastle/bcprov-jdk18on/1.81/bcprov-jdk18on-1.81.jar
+- lib/org/bouncycastle/bctls-jdk18on/1.81/bctls-jdk18on-1.81.jar
+- lib/org/bouncycastle/bcutil-jdk18on/1.81/bcutil-jdk18on-1.81.jar
 - pom.xml
 homepage: https://github.com/jruby/jruby-openssl
 licenses:
@@ -63,14 +63,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements:
-- jar org.bouncycastle:bcprov-jdk18on, 1.80
-- jar org.bouncycastle:bcpkix-jdk18on, 1.80
-- jar org.bouncycastle:bctls-jdk18on,  1.80
-- jar org.bouncycastle:bcutil-jdk18on, 1.80
+- jar org.bouncycastle:bcprov-jdk18on, 1.81
+- jar org.bouncycastle:bcpkix-jdk18on, 1.81
+- jar org.bouncycastle:bctls-jdk18on,  1.81
+- jar org.bouncycastle:bcutil-jdk18on, 1.81
 rubygems_version: 3.1.6
 signing_key:
 specification_version: 4