You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ignite.apache.org by il...@apache.org on 2020/06/09 09:57:09 UTC

[ignite] branch master updated: IGNITE-13084 Update BouncyCastle dependency to fix potential vulnerability - Fixes #7861.

This is an automated email from the ASF dual-hosted git repository.

ilyak pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/ignite.git


The following commit(s) were added to refs/heads/master by this push:
     new 1bd45aa  IGNITE-13084 Update BouncyCastle dependency to fix potential vulnerability - Fixes #7861.
1bd45aa is described below

commit 1bd45aa52c20d3fe89e719349051f52f9e4c1ec0
Author: Semyon Danilov <sa...@yandex.ru>
AuthorDate: Tue Jun 9 12:55:46 2020 +0300

    IGNITE-13084 Update BouncyCastle dependency to fix potential vulnerability - Fixes #7861.
    
    Signed-off-by: Ilya Kasnacheev <il...@gmail.com>
---
 modules/aws/pom.xml | 12 ++++++++++++
 parent/pom.xml      |  1 +
 2 files changed, 13 insertions(+)

diff --git a/modules/aws/pom.xml b/modules/aws/pom.xml
index a42bbd3..e0bd8f9 100644
--- a/modules/aws/pom.xml
+++ b/modules/aws/pom.xml
@@ -102,6 +102,18 @@
             <groupId>com.amazonaws</groupId>
             <artifactId>aws-encryption-sdk-java</artifactId>
             <version>${aws.encryption.sdk.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-ext-jdk15on</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-ext-jdk15on</artifactId>
+            <version>${bouncycastle.version}</version>
         </dependency>
 
         <dependency>
diff --git a/parent/pom.xml b/parent/pom.xml
index f301c117..cbc099e 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -55,6 +55,7 @@
         <aws.sdk.version>1.11.75</aws.sdk.version>
         <camel.version>2.22.0</camel.version>
         <aws.encryption.sdk.version>1.3.2</aws.encryption.sdk.version>
+        <bouncycastle.version>1.60</bouncycastle.version>
         <commons.beanutils.bundle.version>1.9.2_1</commons.beanutils.bundle.version>
         <commons.beanutils.version>1.9.4</commons.beanutils.version>
         <commons.codec.version>1.11</commons.codec.version>