It has been more than a year since I announced that RSA is extending support for its BSAFE toolkits. See my previous post here.
RSA is actively addressing issues and adding new algorithm support, from adding new SHA-3 support, supporting JDK or JSSE properties, implementing control of algorithms and key sizes, to keeping the platform support updated, in order to keep RSA, Dell EMC, and all our customers' products as secure as possible.
We have released new versions of SSL-J, Crypto-J, Micro Edition Suite, and Crypto-C Micro Edition (CCME) to address security vulnerabilities, and to add new algorithms and ensure our modules remain FIPS 140-2 validated.
RSA has submitted both CCME 4.1.4 and Crypto-J 6.2.5 to NIST Cryptographic Module Validation Program, CMVP, for FIPS validation some months ago already. According to CMVP's Module In Process list, the review of CCME started around the first week of October. The status of Crypto-J is still Pending Review. CMVP has quite a backlog of modules to review so we appreciate your patience while CMVP do their best to review all submissions.
We are making the new releases available to our entire customer base under a valid BSAFE maintenance contract. If you have not yet renewed your support contract to benefit from these new releases, contact RSA Support by sending an email to firstname.lastname@example.org.
RSA BSAFE Product Manager