You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bookkeeper.apache.org by eo...@apache.org on 2022/04/02 19:21:24 UTC

[bookkeeper] branch master updated: [security] Bump bc fips version from 1.0.2.1 to 1.0.2.3 (#3087)

This is an automated email from the ASF dual-hosted git repository.

eolivelli pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git


The following commit(s) were added to refs/heads/master by this push:
     new 28e47f9  [security] Bump bc fips version from 1.0.2.1 to 1.0.2.3 (#3087)
28e47f9 is described below

commit 28e47f9f2a94a7e451e1459b9d9de5296862554f
Author: ZhangJian He <sh...@gmail.com>
AuthorDate: Sun Apr 3 03:21:18 2022 +0800

    [security] Bump bc fips version from 1.0.2.1 to 1.0.2.3 (#3087)
---
 bookkeeper-dist/all/build.gradle                                      | 2 +-
 bookkeeper-dist/bkctl/build.gradle                                    | 2 +-
 bookkeeper-dist/server/build.gradle                                   | 2 +-
 bookkeeper-dist/src/assemble/bin-all.xml                              | 2 +-
 bookkeeper-dist/src/assemble/bin-server.xml                           | 2 +-
 bookkeeper-dist/src/assemble/bkctl.xml                                | 2 +-
 bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt                | 4 ++--
 bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt              | 4 ++--
 bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt             | 4 ++--
 .../deps/{bouncycastle-1.0.2.1 => bouncycastle-1.0.2.3}/LICENSE.html  | 0
 dependencies.gradle                                                   | 2 +-
 pom.xml                                                               | 2 +-
 12 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/bookkeeper-dist/all/build.gradle b/bookkeeper-dist/all/build.gradle
index bd1e735..891fe67 100644
--- a/bookkeeper-dist/all/build.gradle
+++ b/bookkeeper-dist/all/build.gradle
@@ -58,7 +58,7 @@ def depLicences = [
         "checker-qual-3.5.0/LICENSE",
         "google-auth-library-credentials-0.20.0/LICENSE",
         "javax.servlet-api-4.0.0/CDDL+GPL-1.1",
-        "bouncycastle-1.0.2.1/LICENSE.html",
+        "bouncycastle-1.0.2.3/LICENSE.html",
         "jsr-305/LICENSE",
         "netty-4.1.74.Final/*",
         "paranamer-2.8/LICENSE.txt",
diff --git a/bookkeeper-dist/bkctl/build.gradle b/bookkeeper-dist/bkctl/build.gradle
index af4cce6..8cc894b 100644
--- a/bookkeeper-dist/bkctl/build.gradle
+++ b/bookkeeper-dist/bkctl/build.gradle
@@ -50,7 +50,7 @@ def depLicences = [
         "checker-qual-3.5.0/LICENSE",
         "google-auth-library-credentials-0.20.0/LICENSE",
         "netty-4.1.74.Final/*",
-        "bouncycastle-1.0.2.1/LICENSE.html",
+        "bouncycastle-1.0.2.3/LICENSE.html",
         "protobuf-3.14.0/LICENSE",
         "protobuf-3.12.0/LICENSE",
         "reactivestreams-1.0.3/LICENSE",
diff --git a/bookkeeper-dist/server/build.gradle b/bookkeeper-dist/server/build.gradle
index 796cc60..21f3657 100644
--- a/bookkeeper-dist/server/build.gradle
+++ b/bookkeeper-dist/server/build.gradle
@@ -54,7 +54,7 @@ def depLicences = [
         "google-auth-library-credentials-0.20.0/LICENSE",
         "javax.servlet-api-4.0.0/CDDL+GPL-1.1",
         "netty-4.1.74.Final/*",
-        "bouncycastle-1.0.2.1/LICENSE.html",
+        "bouncycastle-1.0.2.3/LICENSE.html",
         "protobuf-3.14.0/LICENSE",
         "protobuf-3.12.0/LICENSE",
         "reactivestreams-1.0.3/LICENSE",
diff --git a/bookkeeper-dist/src/assemble/bin-all.xml b/bookkeeper-dist/src/assemble/bin-all.xml
index 1bf4fb8..7bd50f3 100644
--- a/bookkeeper-dist/src/assemble/bin-all.xml
+++ b/bookkeeper-dist/src/assemble/bin-all.xml
@@ -57,7 +57,7 @@
         <include>checker-qual-3.5.0/LICENSE</include>
         <include>google-auth-library-credentials-0.20.0/LICENSE</include>
         <include>javax.servlet-api-4.0.0/CDDL+GPL-1.1</include>
-        <include>bouncycastle-1.0.2.1/LICENSE.html</include>
+        <include>bouncycastle-1.0.2.3/LICENSE.html</include>
         <include>jsr-305/LICENSE</include>
         <include>netty-4.1.74.Final/*</include>
         <include>paranamer-2.8/LICENSE.txt</include>
diff --git a/bookkeeper-dist/src/assemble/bin-server.xml b/bookkeeper-dist/src/assemble/bin-server.xml
index c3d9955..633e936 100644
--- a/bookkeeper-dist/src/assemble/bin-server.xml
+++ b/bookkeeper-dist/src/assemble/bin-server.xml
@@ -53,7 +53,7 @@
         <include>google-auth-library-credentials-0.20.0/LICENSE</include>
         <include>javax.servlet-api-4.0.0/CDDL+GPL-1.1</include>
         <include>netty-4.1.74.Final/*</include>
-        <include>bouncycastle-1.0.2.1/LICENSE.html</include>
+        <include>bouncycastle-1.0.2.3/LICENSE.html</include>
         <include>protobuf-3.14.0/LICENSE</include>
         <include>protobuf-3.12.0/LICENSE</include>
         <include>reactivestreams-1.0.3/LICENSE</include>
diff --git a/bookkeeper-dist/src/assemble/bkctl.xml b/bookkeeper-dist/src/assemble/bkctl.xml
index 1e7d518..12891e1 100644
--- a/bookkeeper-dist/src/assemble/bkctl.xml
+++ b/bookkeeper-dist/src/assemble/bkctl.xml
@@ -70,7 +70,7 @@
         <include>checker-qual-3.5.0/LICENSE</include>
         <include>google-auth-library-credentials-0.20.0/LICENSE</include>
         <include>netty-4.1.74.Final/*</include>
-        <include>bouncycastle-1.0.2.1/LICENSE.html</include>
+        <include>bouncycastle-1.0.2.3/LICENSE.html</include>
         <include>protobuf-3.14.0/LICENSE</include>
         <include>protobuf-3.12.0/LICENSE</include>
         <include>reactivestreams-1.0.3/LICENSE</include>
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
index 4102b6a..72f4314 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
@@ -658,10 +658,10 @@ Bundled as
 Source available at https://github.com/googleapis/google-auth-library-java/releases/tag/v0.22.2
 ------------------------------------------------------------------------------------
 This product bundles the bouncycastle Library.
-For license details, see deps/bouncycastle-1.0.2.1/LICENSE.html
+For license details, see deps/bouncycastle-1.0.2.3/LICENSE.html
 
 Bundled as
-  - lib/org.bouncycastle-bc-fips-1.0.2.1.jar
+  - lib/org.bouncycastle-bc-fips-1.0.2.3.jar
 ------------------------------------------------------------------------------------
 This product uses the annotations from The Checker Framework, which are licensed under
 MIT License. For details, see deps/checker-qual-3.5.0/LICENSE
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
index 6748301..e18d142 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
@@ -584,10 +584,10 @@ Bundled as
 Source available at https://github.com/google/google-auth-library-java/tree/0.22.2
 ------------------------------------------------------------------------------------
 This product bundles the bouncycastle Library.
-For license details, see deps/bouncycastle-1.0.2.1/LICENSE.html
+For license details, see deps/bouncycastle-1.0.2.3/LICENSE.html
 
 Bundled as
-  - lib/org.bouncycastle-bc-fips-1.0.2.1.jar
+  - lib/org.bouncycastle-bc-fips-1.0.2.3.jar
 ------------------------------------------------------------------------------------
 
 This product uses the annotations from The Checker Framework, which are licensed under
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
index 773ade7..d509cfc 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
@@ -650,10 +650,10 @@ Bundled as
 Source available at https://github.com/googleapis/google-auth-library-java/releases/tag/v0.22.2
 ------------------------------------------------------------------------------------
 This product bundles the bouncycastle Library.
-For license details, see deps/bouncycastle-1.0.2.1/LICENSE.html
+For license details, see deps/bouncycastle-1.0.2.3/LICENSE.html
 
 Bundled as
-  - lib/org.bouncycastle-bc-fips-1.0.2.1.jar
+  - lib/org.bouncycastle-bc-fips-1.0.2.3.jar
 ------------------------------------------------------------------------------------
 This product uses the annotations from The Checker Framework, which are licensed under
 MIT License. For details, see deps/checker-qual-3.5.0/LICENSE
diff --git a/bookkeeper-dist/src/main/resources/deps/bouncycastle-1.0.2.1/LICENSE.html b/bookkeeper-dist/src/main/resources/deps/bouncycastle-1.0.2.3/LICENSE.html
similarity index 100%
rename from bookkeeper-dist/src/main/resources/deps/bouncycastle-1.0.2.1/LICENSE.html
rename to bookkeeper-dist/src/main/resources/deps/bouncycastle-1.0.2.3/LICENSE.html
diff --git a/dependencies.gradle b/dependencies.gradle
index 2592d15..32d279d 100644
--- a/dependencies.gradle
+++ b/dependencies.gradle
@@ -24,7 +24,7 @@ ext {
 depVersions = [
     arquillianCubeDocker: "1.18.2",
     arquillianJunit: "1.6.0.Final",
-    bcFips: "1.0.2.1",
+    bcFips: "1.0.2.3",
     bouncycastle: "1.69",
     commonsCli: "1.2",
     commonsCodec: "1.6",
diff --git a/pom.xml b/pom.xml
index eba48ec..f3033ca 100644
--- a/pom.xml
+++ b/pom.xml
@@ -123,7 +123,7 @@
     <commons-lang.version>2.6</commons-lang.version>
     <commons-lang3.version>3.6</commons-lang3.version>
     <commons-io.version>2.7</commons-io.version>
-    <bouncycastle.version>1.0.2.1</bouncycastle.version>
+    <bouncycastle.version>1.0.2.3</bouncycastle.version>
     <curator.version>5.1.0</curator.version>
     <dropwizard.version>3.2.5</dropwizard.version>
     <etcd.version>0.5.11</etcd.version>