Dell BSAFE SSL-J 6.5 Release Advisory
Summary: Dell BSAFE SSL-J 6.5 is now available. This release integrates Dell BSAFE Crypto-J 6.2.6, with Crypto-J JSAFE and JCE Software Module 6.2.5 as its underlying FIPS 140-2 provider.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
Initially published on September 12th, 2022.
Announcement
The Dell BSAFE Product Team announces the release and general availability of Dell BSAFE SSL-J 6.5. This release integrates Dell BSAFE Crypto-J 6.2.6, with Crypto-J JSAFE and JCE Software Module 6.2.5 as its underlying FIPS 140-2 provider.This release addresses two security issues. Refer to DSA-2022-188 and DSA-2022-208 for more details.
- DSA-2022-188: Dell BSAFE SSL-J 6.5 and 7.1 Security Vulnerability
- DSA-2022-208: Dell BSAFE SSL-J 6.5 and 7.1 and Dell BSAFE Crypto-J 6.2.6.1 and 7.0 Security Vulnerability
This release also incorporates the following changes:
- Support for X509ExtendedKeyManager added, providing access to the new methods chooseEngineClientAlias() and chooseEngineServerAlias().
- TLS 1.0 and 1.1 now disabled by default.
- Weak cipher suites removed from the default cipher suite list.
- Support for the following JDK properties is now added:
- jdk.tls.client.cipherSuites
- jdk.tls.server.cipherSuites
- jdk.tls.server.protocols
- jdk.tls.client.protocols
This release of SSL-J is also compatible and supported with BSAFE Crypto-J 7.0 with some considerations. Please review the Crypto-J 7.0 Release Notes for further details.
For BSAFE downloads, documentation and more, contact Dell Support.
Products
BSAFE SSL-JArticle Properties
Article Number: 000203134
Article Type: How To
Last Modified: 12 Sep 2022
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.