[jira] [Resolved] (RANGER-5336) Upgrade bouncycastle to 1.79 due to CVE-2025-8916 and CVE-2025-8885

Bhavesh Amre (Jira) Tue, 28 Oct 2025 23:35:07 -0700


     [ 
https://issues.apache.org/jira/browse/RANGER-5336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Bhavesh Amre resolved RANGER-5336.
----------------------------------
    Fix Version/s: 3.0.0
       Resolution: Fixed

> Upgrade bouncycastle to 1.79 due to CVE-2025-8916 and CVE-2025-8885
> -------------------------------------------------------------------
>
>                 Key: RANGER-5336
>                 URL: https://issues.apache.org/jira/browse/RANGER-5336
>             Project: Ranger
>          Issue Type: Improvement
>          Components: Ranger
>            Reporter: Bhavesh Amre
>            Assignee: Bhavesh Amre
>            Priority: Major
>             Fix For: 3.0.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> Upgrade *BouncyCastle* dependencies to version *1.79* from *1.70* in order to 
> address the following security vulnerabilities:
>  * *CVE-2025-8916*
>  * *CVE-2025-8885*
> This upgrade ensures that Ranger is not impacted by the reported issues in 
> earlier versions of BouncyCastle.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (RANGER-5336) Upgrade bouncycastle to 1.79 due to CVE-2025-8916 and CVE-2025-8885

Reply via email to