You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tez.apache.org by ab...@apache.org on 2022/12/02 08:39:51 UTC
[tez] branch master updated: TEZ-4458:Upgrade Bouncy Castle to 1.70 due to high CVEs (#253) (Mayank Kunwar reviewed by Laszlo Bodor)
This is an automated email from the ASF dual-hosted git repository.
abstractdog pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tez.git
The following commit(s) were added to refs/heads/master by this push:
new 34d681007 TEZ-4458:Upgrade Bouncy Castle to 1.70 due to high CVEs (#253) (Mayank Kunwar reviewed by Laszlo Bodor)
34d681007 is described below
commit 34d68100737b6e83a43f2a6837d3026eea5070bf
Author: Mayank Kunwar <55...@users.noreply.github.com>
AuthorDate: Fri Dec 2 14:09:46 2022 +0530
TEZ-4458:Upgrade Bouncy Castle to 1.70 due to high CVEs (#253) (Mayank Kunwar reviewed by Laszlo Bodor)
---
pom.xml | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 5e03d2af8..68d5d204d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -65,6 +65,7 @@
<slf4j.version>1.7.36</slf4j.version>
<protobuf.version>3.21.1</protobuf.version>
<roaringbitmap.version>0.7.45</roaringbitmap.version>
+ <bouncycastle.version>1.70</bouncycastle.version>
<protoc.path>${env.PROTOC_PATH}</protoc.path>
<scm.url>scm:git:https://gitbox.apache.org/repos/asf/tez.git</scm.url>
<frontend-maven-plugin.version>1.8.0</frontend-maven-plugin.version>
@@ -758,7 +759,13 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
- <version>1.65</version>
+ <version>${bouncycastle.version}</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.bouncycastle</groupId>
+ <artifactId>bcpkix-jdk15on</artifactId>
+ <version>${bouncycastle.version}</version>
<scope>test</scope>
</dependency>
<dependency>