diff --git a/0001-CVE-2023-33201-added-filter-encode-to-search.patch b/0001-CVE-2023-33201-added-filter-encode-to-search.patch
deleted file mode 100644
index b110f520ef079d037385c95593bc17a2f01e9636..0000000000000000000000000000000000000000
--- a/0001-CVE-2023-33201-added-filter-encode-to-search.patch
+++ /dev/null
@@ -1,161 +0,0 @@ -From e8c409a8389c815ea3fda5e8b94c92fdfe583bcc Mon Sep 17 00:00:00 2001 -From: royb -Date: Tue, 25 Apr 2023 23:11:52 -0400 -Subject: [PATCH] added filter encode to search - ---- - .../jce/provider/X509LDAPCertStoreSpi.java | 89 +++++++++++++++---- - 1 file changed, 73 insertions(+), 16 deletions(-) - -diff --git a/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java b/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java -index f526994..d9a2090 100644 ---- a/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java -+++ b/prov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java -@@ -50,21 +50,22 @@ - public class X509LDAPCertStoreSpi - extends CertStoreSpi - { -- private X509LDAPCertStoreParameters params; -- -- public X509LDAPCertStoreSpi(CertStoreParameters params) -- throws InvalidAlgorithmParameterException -+ private static String[] FILTER_ESCAPE_TABLE = new String['\\' + 1]; -+ static - { -- super(params); -- -- if (!(params instanceof X509LDAPCertStoreParameters)) -+ // Filter encoding table ------------------------------------- -+ // fill with char itself -+ for (char c = 0; c < FILTER_ESCAPE_TABLE.length; c++) - { -- throw new InvalidAlgorithmParameterException( -- X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + X509LDAPCertStoreParameters.class.getName() + " object\n" -- + params.toString()); -+ FILTER_ESCAPE_TABLE[c] = String.valueOf(c); - } - -- this.params = (X509LDAPCertStoreParameters)params; -+ // escapes (RFC2254) -+ FILTER_ESCAPE_TABLE['*'] = "\\2a"; -+ FILTER_ESCAPE_TABLE['('] = "\\28"; -+ FILTER_ESCAPE_TABLE[')'] = "\\29"; -+ FILTER_ESCAPE_TABLE['\\'] = "\\5c"; -+ FILTER_ESCAPE_TABLE[0] = "\\00"; - } - - /** -@@ -86,8 +87,26 @@ public X509LDAPCertStoreSpi(CertStoreParameters params) - * Package Prefix for loading URL context factories. 
- */ - private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url"; -+ private X509LDAPCertStoreParameters params; -+ -+ public X509LDAPCertStoreSpi(CertStoreParameters params) -+ throws InvalidAlgorithmParameterException -+ { -+ super(params); -+ -+ if (!(params instanceof X509LDAPCertStoreParameters)) -+ { -+ throw new InvalidAlgorithmParameterException( -+ X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + X509LDAPCertStoreParameters.class.getName() + " object\n" -+ + params.toString()); -+ } - -- private DirContext connectLDAP() throws NamingException -+ this.params = (X509LDAPCertStoreParameters)params; -+ } -+ -+ -+ private DirContext connectLDAP() -+ throws NamingException - { - Properties props = new Properties(); - props.setProperty(Context.INITIAL_CONTEXT_FACTORY, LDAP_PROVIDER); -@@ -137,7 +156,7 @@ private String parseDN(String subject, String subjectAttributeName) - { - temp = temp.substring(0, temp.length() - 1); - } -- return temp; -+ return filterEncode(temp); - } - - public Collection engineGetCertificates(CertSelector selector) -@@ -195,7 +214,7 @@ public Collection engineGetCertificates(CertSelector selector) - { - - } -- for (Iterator it2 = bytesList.iterator(); it2.hasNext();) -+ for (Iterator it2 = bytesList.iterator(); it2.hasNext(); ) - { - ByteArrayInputStream bIn = new ByteArrayInputStream( - (byte[])it2.next()); -@@ -346,7 +365,7 @@ public Collection engineGetCRLs(CRLSelector selector) - if (xselector.getIssuerNames() != null) - { - for (Iterator it = xselector.getIssuerNames().iterator(); it -- .hasNext();) -+ .hasNext(); ) - { - Object o = it.next(); - String attrValue = null; -@@ -396,6 +415,42 @@ public Collection engineGetCRLs(CRLSelector selector) - return crlSet; - } - -+ /** -+ * Escape a value for use in a filter. -+ * -+ * @param value the value to escape. -+ * @return a properly escaped representation of the supplied value. 
-+ */ -+ private String filterEncode(String value) -+ { -+ if (value == null) -+ { -+ return null; -+ } -+ -+ // make buffer roomy -+ StringBuilder encodedValue = new StringBuilder(value.length() * 2); -+ -+ int length = value.length(); -+ -+ for (int i = 0; i < length; i++) -+ { -+ char c = value.charAt(i); -+ -+ if (c < FILTER_ESCAPE_TABLE.length) -+ { -+ encodedValue.append(FILTER_ESCAPE_TABLE[c]); -+ } -+ else -+ { -+ // default: add the char -+ encodedValue.append(c); -+ } -+ } -+ -+ return encodedValue.toString(); -+ } -+ - /** - * Returns a Set of byte arrays with the certificate or CRL encodings. - * -@@ -406,9 +461,11 @@ public Collection engineGetCRLs(CRLSelector selector) - * @return Set of byte arrays with the certificate encodings. - */ - private Set search(String attributeName, String attributeValue, -- String[] attrs) throws CertStoreException -+ String[] attrs) -+ throws CertStoreException - { - String filter = attributeName + "=" + attributeValue; -+// System.out.println(filter); - if (attributeName == null) - { - filter = null; --- -2.39.2 - diff --git a/bcjmail-jdk18on-1.78.pom b/bcjmail-jdk18on-1.78.pom new file mode 100644 index 0000000000000000000000000000000000000000..5efc8b45f5f5cbe593ace0e41c33b4db465a0554 --- /dev/null +++ b/bcjmail-jdk18on-1.78.pom 
@@ -0,0 +1,52 @@ + + + 4.0.0 + org.bouncycastle + bcjmail-jdk18on + jar + Bouncy Castle Jakarta S/MIME API + 1.78 + The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The Jakarta Mail API and the Jakarta activation framework will also be needed. + https://www.bouncycastle.org/java.html + + + Bouncy Castle Licence + https://www.bouncycastle.org/licence.html + repo + + + + https://github.com/bcgit/bc-java + + + GitHub + https://github.com/bcgit/bc-java/issues + + + + feedback-crypto + The Legion of the Bouncy Castle Inc. + feedback-crypto@bouncycastle.org + + + + + org.bouncycastle + bcprov-jdk18on + 1.78 + jar + + + org.bouncycastle + bcutil-jdk18on + 1.78 + jar + + + org.bouncycastle + bcpkix-jdk18on + 1.78 + jar + + + diff --git a/bcmail-jdk15on-1.67.pom b/bcmail-jdk18on-1.78.pom similarity index 68% rename from bcmail-jdk15on-1.67.pom rename to bcmail-jdk18on-1.78.pom index ce6412a1f2173edf6a959a4670caea9e53bb36ec..c18ad336d9c59a08eb79bea5c567a2fa62c784b3 100644 --- a/bcmail-jdk15on-1.67.pom +++ b/bcmail-jdk18on-1.78.pom 
@@ -2,16 +2,16 @@ 4.0.0 org.bouncycastle - bcmail-jdk15on + bcmail-jdk18on jar Bouncy Castle S/MIME API - 1.67 - The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed. - http://www.bouncycastle.org/java.html + 1.78 + The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed. + https://www.bouncycastle.org/java.html Bouncy Castle Licence - http://www.bouncycastle.org/licence.html + https://www.bouncycastle.org/licence.html repo @@ -32,14 +32,20 @@ org.bouncycastle - bcprov-jdk15on - 1.67 + bcprov-jdk18on + 1.78 jar org.bouncycastle - bcpkix-jdk15on - 1.67 + bcutil-jdk18on + 1.78 + jar + + + org.bouncycastle + bcpkix-jdk18on + 1.78 jar diff --git a/bcpg-jdk15on-1.67.pom b/bcpg-jdk18on-1.78.pom similarity index 72% rename from bcpg-jdk15on-1.67.pom rename to bcpg-jdk18on-1.78.pom index fa1975289417d4aa0157cacafcfc488ecf711436..c8e82313b7ed265fc269b5700b57fee9cd7f21a1 100644 --- a/bcpg-jdk15on-1.67.pom +++ b/bcpg-jdk18on-1.78.pom 
@@ -2,21 +2,21 @@ 4.0.0 org.bouncycastle - bcpg-jdk15on + bcpg-jdk18on jar Bouncy Castle OpenPGP API - 1.67 - The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. - http://www.bouncycastle.org/java.html + 1.78 + The Bouncy Castle Java API for handling the OpenPGP protocol. This jar contains the OpenPGP API for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. + https://www.bouncycastle.org/java.html Bouncy Castle Licence - http://www.bouncycastle.org/licence.html + https://www.bouncycastle.org/licence.html repo - Apache Software License, Version 1.1 - http://www.apache.org/licenses/LICENSE-1.1 + Apache Software License, Version 2.0 + https://www.apache.org/licenses/LICENSE-2.0 repo @@ -37,8 +37,8 @@ org.bouncycastle - bcprov-jdk15on - 1.67 + bcprov-jdk18on + 1.78 jar diff --git a/bcpkix-jdk15on-1.67.pom b/bcpkix-jdk18on-1.78.pom similarity index 69% rename from bcpkix-jdk15on-1.67.pom rename to bcpkix-jdk18on-1.78.pom index 12633c0500e730d7ef791bb5c4057377ed9e358f..1ebddf3a36b3c389ce0238673d00639fb181a0e3 100644 --- a/bcpkix-jdk15on-1.67.pom +++ b/bcpkix-jdk18on-1.78.pom 
@@ -2,16 +2,16 @@ 4.0.0 org.bouncycastle - bcpkix-jdk15on + bcpkix-jdk18on jar Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs - 1.67 - The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. - http://www.bouncycastle.org/java.html + 1.78 + The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.8 and up. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. + https://www.bouncycastle.org/java.html Bouncy Castle Licence - http://www.bouncycastle.org/licence.html + https://www.bouncycastle.org/licence.html repo @@ -32,8 +32,14 @@ org.bouncycastle - bcprov-jdk15on - 1.67 + bcprov-jdk18on + 1.78 + jar + + + org.bouncycastle + bcutil-jdk18on + 1.78 jar diff --git a/bcprov-jdk15on-1.67.pom b/bcprov-jdk18on-1.78.pom similarity index 81% rename from bcprov-jdk15on-1.67.pom rename to bcprov-jdk18on-1.78.pom index 65f379fbdb3186fb45ec5c2d2ca3e6fd94ab4575..66973034ed5e39a9631d0059be8baf52e252d565 100644 --- a/bcprov-jdk15on-1.67.pom +++ b/bcprov-jdk18on-1.78.pom 
@@ -2,16 +2,16 @@ 4.0.0 org.bouncycastle - bcprov-jdk15on + bcprov-jdk18on jar Bouncy Castle Provider - 1.67 - The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 and up. - http://www.bouncycastle.org/java.html + 1.78 + The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.8 and up. + https://www.bouncycastle.org/java.html Bouncy Castle Licence - http://www.bouncycastle.org/licence.html + https://www.bouncycastle.org/licence.html repo diff --git a/bctls-jdk15on-1.67.pom b/bctls-jdk18on-1.78.pom similarity index 69% rename from bctls-jdk15on-1.67.pom rename to bctls-jdk18on-1.78.pom index 2c00d62186a2aeac866fcb045a5bf7205f9febf9..3ff0eae74c76576a0099603a0006711f58fdf60d 100644 --- a/bctls-jdk15on-1.67.pom +++ b/bctls-jdk18on-1.78.pom @@ -2,16 +2,16 @@ 4.0.0 org.bouncycastle - bctls-jdk15on + bctls-jdk18on jar Bouncy Castle JSSE provider and TLS/DTLS API - 1.67 + 1.78 The Bouncy Castle Java APIs for TLS and DTLS, including a provider for the JSSE. - http://www.bouncycastle.org/java.html + https://www.bouncycastle.org/java.html Bouncy Castle Licence - http://www.bouncycastle.org/licence.html + https://www.bouncycastle.org/licence.html repo @@ -32,8 +32,14 @@ org.bouncycastle - bcprov-jdk15on - 1.67 + bcprov-jdk18on + 1.78 + jar + + + org.bouncycastle + bcutil-jdk18on + 1.78 jar diff --git a/bcutil-jdk18on-1.78.pom b/bcutil-jdk18on-1.78.pom new file mode 100644 index 0000000000000000000000000000000000000000..0afe6570d8f2c75cbb4e16e73735749dd365b48a --- /dev/null +++ b/bcutil-jdk18on-1.78.pom 
@@ -0,0 +1,40 @@ + + + 4.0.0 + org.bouncycastle + bcutil-jdk18on + jar + Bouncy Castle ASN.1 Extension and Utility APIs + 1.78 + The Bouncy Castle Java APIs for ASN.1 extension and utility APIs used to support bcpkix and bctls. This jar contains APIs for JDK 1.8 and up. + https://www.bouncycastle.org/java.html + + + Bouncy Castle Licence + https://www.bouncycastle.org/licence.html + repo + + + + https://github.com/bcgit/bc-java + + + GitHub + https://github.com/bcgit/bc-java/issues + + + + feedback-crypto + The Legion of the Bouncy Castle Inc. + feedback-crypto@bouncycastle.org + + + + + org.bouncycastle + bcprov-jdk18on + 1.78 + jar + + + diff --git a/bouncycastle.spec b/bouncycastle.spec index 41d4a2097937814f41fa78ef93b9a71815c99c86..401c9bb8336ac068951e5d22465ffba900bdcce4 100644 --- a/bouncycastle.spec +++ b/bouncycastle.spec 
@@ -1,92 +1,111 @@ -%define tag r1rv67 +%define tag r1rv78 %define class_name org.bouncycastle.jce.provider.BouncyCastleProvider -%define jdk_dir build/artifacts/jdk1.5 +%define jdk_dir build/artifacts/jdk1.8 %define java_sec_dir %{_sysconfdir}/java/security/security.d %define suffix_name security/classpath.security +Summary: Bouncy Castle Cryptography APIs for Java Name: bouncycastle -Version: 1.67 -Release: 2 +Version: 1.78 +Release: 1 Summary: A Java implementation of cryptographic algorithms License: MIT URL: http://www.bouncycastle.org Source0: https://github.com/bcgit/bc-java/archive/%{tag}.tar.gz -Source1: https://repo1.maven.org/maven2/org/bouncycastle/bcmail-jdk15on/%{version}/bcmail-jdk15on-%{version}.pom -Source2: https://repo1.maven.org/maven2/org/bouncycastle/bcpg-jdk15on/%{version}/bcpg-jdk15on-%{version}.pom -Source3: https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk15on/%{version}/bcpkix-jdk15on-%{version}.pom -Source4: https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk15on/%{version}/bcprov-jdk15on-%{version}.pom -Source5: https://repo1.maven.org/maven2/org/bouncycastle/bctls-jdk15on/%{version}/bctls-jdk15on-%{version}.pom -Patch001: 0001-CVE-2023-33201-added-filter-encode-to-search.patch -BuildRequires: ant ant-junit aqute-bnd javamail javapackages-local -BuildRequires: jakarta-activation +Source1: https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk18on/%{version}/bcprov-jdk18on-%{version}.pom +Source2: https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk18on/%{version}/bcpkix-jdk18on-%{version}.pom +Source3: https://repo1.maven.org/maven2/org/bouncycastle/bcpg-jdk18on/%{version}/bcpg-jdk18on-%{version}.pom +Source4: https://repo1.maven.org/maven2/org/bouncycastle/bcmail-jdk18on/%{version}/bcmail-jdk18on-%{version}.pom +Source5: https://repo1.maven.org/maven2/org/bouncycastle/bctls-jdk18on/%{version}/bctls-jdk18on-%{version}.pom +Source6: 
https://repo1.maven.org/maven2/org/bouncycastle/bcutil-jdk18on/%{version}/bcutil-jdk18on-%{version}.pom +Source7: https://repo1.maven.org/maven2/org/bouncycastle/bcjmail-jdk18on/%{version}/bcjmail-jdk18on-%{version}.pom + +Patch0: jmail.packages.patch + + +BuildRequires: aqute-bnd ant ant-junit jakarta-activation jakarta-mail +BuildRequires: jakarta-activation jakarta-mail javapackages-local + Requires(post): javapackages-tools Requires(postun): javapackages-tools BuildArch: noarch - Provides: bcprov = %{version}-%{release} Provides: %{name}-pkix Provides: %{name}-pg Provides: %{name}-mail +Provides: %{name}-jmail Provides: %{name}-tls Provides: %{name}-javadoc +Provides: %{name}-util Provides: %{name}-pkix-javadoc = %{version}-%{release} Provides: %{name}-pg-javadoc = %{version}-%{release} Provides: %{name}-mail-javadoc = %{version}-%{release} Obsoletes: %{name}-pkix Obsoletes: %{name}-pg Obsoletes: %{name}-mail +Obsoletes: %{name}-jmail Obsoletes: %{name}-tls Obsoletes: %{name}-javadoc +Obsoletes: %{name}-util Obsoletes: %{name}-pkix-javadoc < %{version}-%{release} Obsoletes: %{name}-pg-javadoc < %{version}-%{release} Obsoletes: %{name}-mail-javadoc < %{version}-%{release} %description -The package is organised so that it contains a light-weight API suitable for -use in any environment (including the newly released J2ME) with the additional -infrastructure to conform the algorithms to the JCE framework. - +The Bouncy Castle Crypto package is a Java implementation of cryptographic +algorithms. This jar contains JCE provider and lightweight API for the +Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8. %prep %autosetup -n bc-java-%{tag} -p1 -find . -type f -name "*.class" -delete -find . -type f -name "*.jar" -delete -sed -i -e '/ bnd.bnd <> "$secfile" + count=$((count + 1)) + echo "security.provider.${count}=${provider#*-}" >> "$secfile" done done } || : 
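Review bot: The `-Patch001: 0001-CVE-2023-33201-added-filter-encode-to-search.patch` line is removed in this hunk, but nothing on the page records that the fix it carried is present in the `r1rv78` source; the new changelog entry names four other CVEs only. Presumably the upstream tree already escapes the LDAP filter value in `X509LDAPCertStoreSpi` (the deleted patch did this by returning `filterEncode(temp)` from `parseDN`), so this should be confirmed against the new tarball and stated in the changelog, for example `- Drop 0001-CVE-2023-33201-added-filter-encode-to-search.patch, fix is included in the upstream source`. Separately, the added `Summary: Bouncy Castle Cryptography APIs for Java` sits above the unchanged `Summary: A Java implementation of cryptographic algorithms`, leaving two Summary tags in the preamble; one of them should be dropped. The two added `BuildRequires:` lines also list `jakarta-activation` and `jakarta-mail` twice. Part of this hunk's %prep and %build text appears to be lost on this page, so those sections are not covered by this note.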
@@ -118,19 +137,19 @@ if [ "$1" -eq 0 ] ; then { suffix=%{suffix_name} - class_secfiles="/usr/lib/$suffix /usr/lib64/$suffix" + secfiles="/usr/lib/$suffix /usr/lib64/$suffix" - for secfile in $class_secfiles + for secfile in $secfiles do [ -f "$secfile" ] || continue sed -i '/^security\.provider\./d' "$secfile" - num=0 + count=0 for provider in $(ls %{java_sec_dir}) do - num=$((num + 1)) - echo "security.provider.${num}=${provider#*-}" >> "$secfile" + count=$((count + 1)) + echo "security.provider.${count}=${provider#*-}" >> "$secfile" done done } || : @@ -140,13 +159,17 @@ fi %files %doc docs/ core/docs/ *.html %doc %{_javadocdir}/%{name} -%license %{jdk_dir}/bcprov-jdk15on-*/LICENSE.html +%license %{jdk_dir}/bcprov-jdk18on-*/LICENSE.html %{_datadir}/maven-metadata/* %{_javadir}/* %{_mavenpomdir}/* %{java_sec_dir}/2000-%{class_name} %changelog +* Wed May 08 2024 yinyongkang - 1.78-1 +- Upgrade version to 1.78 +- fix CVE-2024-30172 CVE-2024-29857 CVE-2024-30171 and CVE-2023-33202 + * Sun Jun 25 2023 licihua - 1.67-2 - fix cve CVE-2023-33201 diff --git a/bouncycastle.yaml b/bouncycastle.yaml new file mode 100644 index 0000000000000000000000000000000000000000..1b493cea26808c411097205b0a00ab36a2c16074 --- /dev/null +++ b/bouncycastle.yaml @@ -0,0 +1,4 @@ +version_control: github +src_repo: bcgit/bc-java +tag_prefix: ^r +seperator: rv diff --git a/jmail.packages.patch b/jmail.packages.patch new file mode 100644 index 0000000000000000000000000000000000000000..69a0d14155cb54fb6b1972f59dc30b923ecc8886 --- /dev/null +++ b/jmail.packages.patch @@ -0,0 +1,19 @@ +--- bc-java-r1rv77/ant/bc+-build.xml ++++ bc-java-r1rv77/ant/bc+-build.xml +@@ -652,13 +652,13 @@ + + + +- ++ + + + + + +- ++ + + + + diff --git a/r1rv67.tar.gz b/r1rv78.tar.gz similarity index 72% rename from r1rv67.tar.gz rename to r1rv78.tar.gz index c84436af38a17ae6f2af7d15b1d48780cc4fe811..90e6f1794f3a986ee797b685f5a1b6e3f2714ac2 100644 Binary files a/r1rv67.tar.gz and b/r1rv78.tar.gz differ
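Review bot: The new `jmail.packages.patch` starts directly at `--- bc-java-r1rv77/ant/bc+-build.xml` with no description, and the spec adds `Patch0: jmail.packages.patch` without a comment, so the reason for altering the build file of a cryptographic library is not recorded anywhere in the package. A short header in the patch, or a comment above `Patch0:` such as `# adjust jmail packages in ant/bc+-build.xml for the distribution build`, worded to match what the patch really does, would let a later reviewer judge whether it can be dropped on the next upgrade. The paths also name `bc-java-r1rv77` while the spec builds tag `r1rv78`; `%autosetup -n bc-java-%{tag} -p1` strips that component so it should still apply, but the stale name suggests the patch was prepared against a different tree and is worth re-checking against the new one.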