[jira] [Created] (TOMEE-4336) Upgrade bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

RAJU THANNEERU (Jira) Thu, 16 May 2024 04:23:05 -0700

RAJU THANNEERU created TOMEE-4336:
-------------------------------------

             Summary: Upgrade bcprov-jdk15to18-1.76.jar and 
bcpkix-jdk15to18-1.76.jar
                 Key: TOMEE-4336
                 URL: https://issues.apache.org/jira/browse/TOMEE-4336
             Project: TomEE
          Issue Type: Dependency upgrade
          Components: TomEE Core Server
    Affects Versions: 9.1.3
            Reporter: RAJU THANNEERU



New vulnerabilities in bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

Looks like these are already addressed in 1.78 version, so upgrade to 1.78 or 
1.78.1

*bcprov-jdk15to18-1.76.jar*
|[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]|
|[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]|
|[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]|
|[CVE-2024-34447|https://nvd.nist.gov/vuln/detail/CVE-2024-34447]|

*bcpkix-jdk15to18-1.76.jar*
|[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]|
|[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]|
|[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]|



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (TOMEE-4336) Upgrade bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

Reply via email to