Shilun Fan created TEZ-4560: ------------------------------- Summary: Upgrade bouncycastle to 1.77 due to CVE. Key: TEZ-4560 URL: https://issues.apache.org/jira/browse/TEZ-4560 Project: Apache Tez Issue Type: Improvement Reporter: Shilun Fan Assignee: Shilun Fan
There are 2 CVE issues in bcprov-jdk15on, CVE-2023-33202 and CVE-2023-33201. We can find more information at the following link: [https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.70] [CVE-2023-33202|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33202] [CVE-2023-33201|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201] -- This message was sent by Atlassian Jira (v8.20.10#820010)