jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Phillips (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (JCLOUDS-437) jclouds-karaf depends on bouncycastle version affected by vulnerability CVE-2013-1624
Date Thu, 30 Jan 2014 02:17:08 GMT

     [ https://issues.apache.org/jira/browse/JCLOUDS-437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Andrew Phillips updated JCLOUDS-437:
------------------------------------

    Fix Version/s: 1.6.4

> jclouds-karaf depends on bouncycastle version affected by vulnerability CVE-2013-1624
> -------------------------------------------------------------------------------------
>
>                 Key: JCLOUDS-437
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-437
>             Project: jclouds
>          Issue Type: Improvement
>    Affects Versions: 1.7.0, 1.6.3, 1.8.0
>            Reporter: Jonathan Anstey
>            Assignee: Andrew Phillips
>             Fix For: 1.8.0, 1.6.4
>
>         Attachments: JCLOUDS-437.patch
>
>
> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1624 is fixed in bouncy castle 1.48
and newer. Bouncycastle should be upgraded for the next jclouds-karaf release to fix this
vulnerability.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Mime
View raw message