Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2023/06/15 20:34:00 UTC

[jira] [Commented] (NIFI-11696) Upgrade Bouncy Castle to 1.74

    [ https://issues.apache.org/jira/browse/NIFI-11696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17733225#comment-17733225 ] 

ASF subversion and git services commented on NIFI-11696:
--------------------------------------------------------

Commit 6b19ab8eaa91129b02f48d961435951355dd9be2 in nifi's branch refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=6b19ab8eaa ]

NIFI-11696 Upgraded Bouncy Castle from 1.71 to 1.74

- Adjusted nifi-repository-encryption to remove dependency on Bouncy Castle Provider
- Updated Google Cloud Provider dependencies to remove exclusions and dependencies on Bouncy Castle that no longer apply to current versions

Signed-off-by: Matt Burgess <ma...@apache.org>

This closes #7384


> Upgrade Bouncy Castle to 1.74
> -----------------------------
>
>                 Key: NIFI-11696
>                 URL: https://issues.apache.org/jira/browse/NIFI-11696
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Extensions
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Minor
>              Labels: dependency-upgrade
>             Fix For: 1.latest, 2.latest
>
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Bouncy Castle [1.74|https://www.bouncycastle.org/releasenotes.html#r1rv74] includes a number of bug fixes and feature improvements over previous versions.
> Bouncy Castle 1.72 and 1.73 included the defunct SIKE algorithm, which added multiple megabytes to the provider library. Version 1.74 removed this algorithm, minimizing the size impact of the new version.
> Bouncy Castle 1.74 also resolves CVE-2023-33201 related to LDAP certificate store handling. Apache NiFi does not use the X509LDAPCertStoreSpi class.


