[
https://issues.apache.org/jira/browse/JCLOUDS-1526?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16975160#comment-16975160
]
ASF subversion and git services commented on JCLOUDS-1526:
----------------------------------------------------------
Commit 30830bfa4e41b0647b343892c6c41b0bf797a1ee in jclouds's branch
refs/heads/master from Colm O hEigeartaigh
[ https://gitbox.apache.org/repos/asf?p=jclouds.git;h=30830bf ]
JCLOUDS-1526 - Update BouncyCastle dependency (#53)
> Update BouncyCastle dependency
> ------------------------------
>
> Key: JCLOUDS-1526
> URL: https://issues.apache.org/jira/browse/JCLOUDS-1526
> Project: jclouds
> Issue Type: Improvement
> Reporter: Colm O hEigeartaigh
> Priority: Major
> Fix For: 2.3.0, 2.2.1
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> The BouncyCastle dependency should be updated. The current version used has
> numerous CVEs:
> bcprov-ext-jdk15on-1.51.jar
> (pkg:maven/org.bouncycastle/[email protected]) : CVE-2015-6644,
> CVE-2016-1000338, CVE-2016-1000339, CVE-2016-1000340, CVE-2016-1000341,
> CVE-2016-1000342, CVE-2016-1000343, CVE-2016-1000344, CVE-2016-1000345,
> CVE-2016-1000346, CVE-2016-1000352, CVE-2017-13098, CVE-2018-1000613
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
