https://bz.apache.org/bugzilla/show_bug.cgi?id=62113
--- Comment #1 from Olaf Flebbe <[email protected]> --- The version 1.49 of bouncycastle is known to be vulnerable and has at least two CVE's logged. While I do not think jmeter has an open attack vendor (since it seems only be used for SMIME), I would recommend to update anyway. -- You are receiving this mail because: You are the assignee for the bug.
