You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2023/06/15 17:07:00 UTC

[jira] [Created] (NIFI-11696) Upgrade Bouncy Castle to 1.74

David Handermann created NIFI-11696:
---------------------------------------

             Summary: Upgrade Bouncy Castle to 1.74
                 Key: NIFI-11696
                 URL: https://issues.apache.org/jira/browse/NIFI-11696
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Core Framework, Extensions
            Reporter: David Handermann
            Assignee: David Handermann
             Fix For: 1.latest, 2.latest


Bouncy Castle [1.74|https://www.bouncycastle.org/releasenotes.html#r1rv74] includes a number of bug fixes and feature improvements over previous versions.

Bouncy Castle 1.72 and 1.73 included the defunct SIKE algorithm, which added multiple megabytes to the provider library. Version 1.74 removed this algorithm, minimizing the size impact of the new version.

Bouncy Castle 1.74 also resolves CVE-2023-33201 related to LDAP certificate store handling. Apache NiFi does not use the X509LDAPCertStoreSpi class.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)