[jira] [Updated] (TOMEE-4337) bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar
[ https://issues.apache.org/jira/browse/TOMEE-4337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated TOMEE-4337: --- Fix Version/s: 10.0.0-M2 > bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > > > Key: TOMEE-4337 > URL: https://issues.apache.org/jira/browse/TOMEE-4337 > Project: TomEE > Issue Type: Dependency upgrade > Components: TomEE Core Server >Affects Versions: 10.0.0-M1 >Reporter: RAJU THANNEERU >Priority: Major > Fix For: 10.0.0-M2 > > > New vulnerabilities in bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > Looks like these are already addressed in 1.78 version, so upgrade to 1.78 or > 1.78.1 > *bcprov-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| > |[CVE-2024-34447|https://nvd.nist.gov/vuln/detail/CVE-2024-34447]| > *bcpkix-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (TOMEE-4337) bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar
[ https://issues.apache.org/jira/browse/TOMEE-4337?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Richard Zowalla updated TOMEE-4337: --- Affects Version/s: 10.0.0-M1 (was: 9.1.3) > bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > > > Key: TOMEE-4337 > URL: https://issues.apache.org/jira/browse/TOMEE-4337 > Project: TomEE > Issue Type: Dependency upgrade > Components: TomEE Core Server >Affects Versions: 10.0.0-M1 >Reporter: RAJU THANNEERU >Priority: Major > > New vulnerabilities in bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > Looks like these are already addressed in 1.78 version, so upgrade to 1.78 or > 1.78.1 > *bcprov-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| > |[CVE-2024-34447|https://nvd.nist.gov/vuln/detail/CVE-2024-34447]| > *bcpkix-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| -- This message was sent by Atlassian Jira (v8.20.10#820010)
