[jira] [Updated] (HBASE-28552) Bump up bouncycastle dependency from 1.76 to 1.78

Duo Zhang (Jira) Fri, 26 Apr 2024 00:15:54 -0700


     [ 
https://issues.apache.org/jira/browse/HBASE-28552?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Duo Zhang updated HBASE-28552:
------------------------------
    Release Note: 
Bump bouncycastle dependency from 1.76 to 1.78 for addressing several CVEs

CVE-2024-29857
CVE-2024-30171
CVE-2024-30172
CVE-2024-301XX(Full CVE Code not available yet)

> Bump up bouncycastle dependency from 1.76 to 1.78
> -------------------------------------------------
>
>                 Key: HBASE-28552
>                 URL: https://issues.apache.org/jira/browse/HBASE-28552
>             Project: HBase
>          Issue Type: Improvement
>          Components: dependencies, security
>            Reporter: Nikita Pande
>            Assignee: Nikita Pande
>            Priority: Major
>              Labels: pull-request-available
>
> org.bouncycastle : bcprov-jdk18on : 1.76 to be upgraded to latest  
> org.bouncycastle : bcprov-jdk18on : 1.78
> Refer [link 
> org.bouncycastle|https://security.snyk.io/package/maven/org.bouncycastle:bcprov-debug-jdk18on]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (HBASE-28552) Bump up bouncycastle dependency from 1.76 to 1.78

Reply via email to