jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (JCLOUDS-437) jclouds-karaf depends on bouncycastle version affected by vulnerability CVE-2013-1624
Date Thu, 30 Jan 2014 01:27:05 GMT

    [ https://issues.apache.org/jira/browse/JCLOUDS-437?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13886135#comment-13886135
] 

ASF subversion and git services commented on JCLOUDS-437:
---------------------------------------------------------

Commit 53fe72533d33e3061feb2279f9105c56ecad8579 in branch refs/heads/master from [~janstey]
[ https://git-wip-us.apache.org/repos/asf?p=jclouds-karaf.git;h=53fe725 ]

JCLOUDS-437 - upgrade to bouncycastle 1.49 to fix CVE-2013-1624


> jclouds-karaf depends on bouncycastle version affected by vulnerability CVE-2013-1624
> -------------------------------------------------------------------------------------
>
>                 Key: JCLOUDS-437
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-437
>             Project: jclouds
>          Issue Type: Improvement
>    Affects Versions: 1.7.0, 1.6.3, 1.8.0
>            Reporter: Jonathan Anstey
>             Fix For: 1.8.0
>
>
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1624 is fixed in bouncy castle 1.48
and newer. Bouncycastle should be upgraded for the next jclouds-karaf release to fix this
vulnerability.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message