This is an automated email from the ASF dual-hosted git repository.
dhavalshah9131 pushed a commit to branch ranger-2.8
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.8 by this push:
new 674e9449b RANGER-5336:Upgrade bouncycastle to 1.79 due to
CVE-2025-8916 and CVE-2025-8885 (#750)
674e9449b is described below
commit 674e9449bc4fe1e3d203118eff66f92e8db92b4e
Author: Bhaavesh Amol Amre <[email protected]>
AuthorDate: Mon Dec 1 12:18:54 2025 +0530
RANGER-5336:Upgrade bouncycastle to 1.79 due to CVE-2025-8916 and
CVE-2025-8885 (#750)
---
distro/src/main/assembly/admin-web.xml | 2 +-
distro/src/main/assembly/kms.xml | 4 ++--
kms/pom.xml | 8 ++++----
plugin-kafka/pom.xml | 2 +-
plugin-ozone/pom.xml | 4 ++--
pom.xml | 6 +++---
6 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/distro/src/main/assembly/admin-web.xml
b/distro/src/main/assembly/admin-web.xml
index 0ebe3164b..67724991f 100644
--- a/distro/src/main/assembly/admin-web.xml
+++ b/distro/src/main/assembly/admin-web.xml
@@ -191,7 +191,7 @@
<include>org.apache.ratis:ratis-proto:jar:${ratis.version}</include>
<include>org.apache.ratis:ratis-thirdparty-misc:jar:${ratis-thirdparty.version}</include>
<include>org.apache.commons:commons-compress:jar:${commons.compress.version}</include>
-
<include>org.bouncycastle:bcpkix-jdk15on:jar:${org.bouncycastle.bcpkix-jdk15on}</include>
+
<include>org.bouncycastle:bcpkix-jdk18on:jar:${org.bouncycastle.bcpkix-jdk18on}</include>
<include>commons-net:commons-net:jar:${commons.net.version}</include>
<include>io.jaegertracing:jaeger-core:jar:1.6.0</include>
<include>io.opentracing:opentracing-api:jar:0.33.0</include>
diff --git a/distro/src/main/assembly/kms.xml b/distro/src/main/assembly/kms.xml
index 0d64d6caf..1aedfd9b0 100755
--- a/distro/src/main/assembly/kms.xml
+++ b/distro/src/main/assembly/kms.xml
@@ -114,8 +114,8 @@
<include>com.sun.mail:javax.mail</include>
<include>com.nimbusds:nimbus-jose-jwt</include>
<include>com.microsoft.azure:azure-keyvault-webkey</include>
- <include>org.bouncycastle:bcprov-jdk15on</include>
- <include>org.bouncycastle:bcpkix-jdk15on</include>
+ <include>org.bouncycastle:bcprov-jdk18on</include>
+ <include>org.bouncycastle:bcpkix-jdk18on</include>
<include>com.microsoft.azure:azure-mgmt-resources</include>
<include>com.microsoft.azure:azure-client-authentication</include>
<include>com.microsoft.azure:azure-mgmt-graph-rbac</include>
diff --git a/kms/pom.xml b/kms/pom.xml
index 7fa8ed054..86632aaa1 100644
--- a/kms/pom.xml
+++ b/kms/pom.xml
@@ -469,13 +469,13 @@
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
- <artifactId>bcpkix-jdk15on</artifactId>
- <version>${org.bouncycastle.bcpkix-jdk15on}</version>
+ <artifactId>bcpkix-jdk18on</artifactId>
+ <version>${org.bouncycastle.bcpkix-jdk18on}</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
- <artifactId>bcprov-jdk15on</artifactId>
- <version>${org.bouncycastle.bcprov-jdk15on}</version>
+ <artifactId>bcprov-jdk18on</artifactId>
+ <version>${org.bouncycastle.bcprov-jdk18on}</version>
</dependency>
<dependency>
<groupId>org.codehaus.jettison</groupId>
diff --git a/plugin-kafka/pom.xml b/plugin-kafka/pom.xml
index 8d6e5bccc..b1cd8a8c6 100644
--- a/plugin-kafka/pom.xml
+++ b/plugin-kafka/pom.xml
@@ -172,7 +172,7 @@
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
- <artifactId>bcpkix-jdk15on</artifactId>
+ <artifactId>bcpkix-jdk18on</artifactId>
<version>${bouncycastle.version}</version>
<scope>test</scope>
</dependency>
diff --git a/plugin-ozone/pom.xml b/plugin-ozone/pom.xml
index 1f5d091f6..be1ba2370 100644
--- a/plugin-ozone/pom.xml
+++ b/plugin-ozone/pom.xml
@@ -141,8 +141,8 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
- <artifactId>bcpkix-jdk15on</artifactId>
- <version>${org.bouncycastle.bcpkix-jdk15on}</version>
+ <artifactId>bcpkix-jdk18on</artifactId>
+ <version>${org.bouncycastle.bcpkix-jdk18on}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
diff --git a/pom.xml b/pom.xml
index a8a6cd35e..e3c8df342 100644
--- a/pom.xml
+++ b/pom.xml
@@ -45,7 +45,7 @@
<atlas.jettison.version>1.3.7</atlas.jettison.version>
<atlas.version>2.4.0</atlas.version>
<aws-java-sdk.version>1.12.765</aws-java-sdk.version>
- <bouncycastle.version>1.70</bouncycastle.version>
+ <bouncycastle.version>1.79</bouncycastle.version>
<cglib.version>2.2.0-b23</cglib.version>
<checkstyle.plugin.version>3.1.0</checkstyle.plugin.version>
<checkstyle.version>8.29</checkstyle.version>
@@ -174,8 +174,8 @@
<noggit.version>0.8</noggit.version>
<orc.core.version>1.6.7</orc.core.version>
<orc.version>1.5.8</orc.version>
- <org.bouncycastle.bcpkix-jdk15on>1.70</org.bouncycastle.bcpkix-jdk15on>
- <org.bouncycastle.bcprov-jdk15on>1.70</org.bouncycastle.bcprov-jdk15on>
+ <org.bouncycastle.bcpkix-jdk18on>1.79</org.bouncycastle.bcpkix-jdk18on>
+ <org.bouncycastle.bcprov-jdk18on>1.79</org.bouncycastle.bcprov-jdk18on>
<owasp-java-html-sanitizer.version>20211018.2</owasp-java-html-sanitizer.version>
<ozone.version>1.4.0</ozone.version>
<paranamer.version>2.3</paranamer.version>
