jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (Jira)" <j...@apache.org>
Subject [jira] [Commented] (JCLOUDS-1526) Update BouncyCastle dependency
Date Fri, 15 Nov 2019 15:04:00 GMT

    [ https://issues.apache.org/jira/browse/JCLOUDS-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16975160#comment-16975160
] 

ASF subversion and git services commented on JCLOUDS-1526:
----------------------------------------------------------

Commit 30830bfa4e41b0647b343892c6c41b0bf797a1ee in jclouds's branch refs/heads/master from
Colm O hEigeartaigh
[ https://gitbox.apache.org/repos/asf?p=jclouds.git;h=30830bf ]

JCLOUDS-1526 - Update BouncyCastle dependency (#53)



> Update BouncyCastle dependency
> ------------------------------
>
>                 Key: JCLOUDS-1526
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1526
>             Project: jclouds
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Priority: Major
>             Fix For: 2.3.0, 2.2.1
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The BouncyCastle dependency should be updated. The current version used has numerous
CVEs:
> bcprov-ext-jdk15on-1.51.jar (pkg:maven/org.bouncycastle/bcprov-ext-jdk15on@1.51) : CVE-2015-6644,
CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341, CVE-2016-1000342,
CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345, CVE-2016-1000346, CVE-2016-1000352,
CVE-2017-13098, CVE-2018-1000613



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message