You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@zookeeper.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2019/01/07 16:49:00 UTC

[jira] [Created] (ZOOKEEPER-3236) Upgrade BouncyCastle

Colm O hEigeartaigh created ZOOKEEPER-3236:
----------------------------------------------

             Summary: Upgrade BouncyCastle
                 Key: ZOOKEEPER-3236
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3236
             Project: ZooKeeper
          Issue Type: Improvement
            Reporter: Colm O hEigeartaigh


BouncyCastle should be upgraded to the latest release. The current version we are picking up contains security advisories:

bcprov-jdk15on-1.56.jar (cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.56, org.bouncycastle:bcprov-jdk15on:1.56, cpe:/a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.56, cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.56) : CVE-2017-13098, CVE-2018-1000180, CVE-2018-1000613



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)