You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zookeeper.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2019/01/07 16:49:00 UTC
[jira] [Created] (ZOOKEEPER-3236) Upgrade BouncyCastle
Colm O hEigeartaigh created ZOOKEEPER-3236:
----------------------------------------------
Summary: Upgrade BouncyCastle
Key: ZOOKEEPER-3236
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3236
Project: ZooKeeper
Issue Type: Improvement
Reporter: Colm O hEigeartaigh
BouncyCastle should be upgraded to the latest release. The current version we are picking up contains security advisories:
bcprov-jdk15on-1.56.jar (cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.56, org.bouncycastle:bcprov-jdk15on:1.56, cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.56, cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.56) : CVE-2017-13098, CVE-2018-1000180, CVE-2018-1000613
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)