This is an automated email from the ASF dual-hosted git repository.
srowen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push:
new aec34451297 [SPARK-44441][BUILD] Upgrade `bcprov-jdk15on` and
`bcpkix-jdk15on` to 1.70
aec34451297 is described below
commit aec3445129789c5b1d768333bacf3f3e680d73a0
Author: yangjie01 <yangji...@baidu.com>
AuthorDate: Sat Jul 15 12:17:07 2023 -0500
[SPARK-44441][BUILD] Upgrade `bcprov-jdk15on` and `bcpkix-jdk15on` to 1.70
### What changes were proposed in this pull request?
This pr aims to upgrade `bcprov-jdk15on` and `bcpkix-jdk15on` from 1.60 to
1.70
### Why are the changes needed?
The new version fixed
[CVE-2020-15522](https://github.com/bcgit/bc-java/wiki/CVE-2020-15522).
The release notes as follows:
- https://www.bouncycastle.org/releasenotes.html#r1rv70
### Does this PR introduce _any_ user-facing change?
No, just upgrade test dependency
### How was this patch tested?
Pass Git Hub Actions
Closes #42015 from LuciferYang/SPARK-44441.
Authored-by: yangjie01 <yangji...@baidu.com>
Signed-off-by: Sean Owen <sro...@gmail.com>
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index eac34643fc9..3c2107b1b00 100644
--- a/pom.xml
+++ b/pom.xml
@@ -214,7 +214,7 @@
<maven-antrun.version>3.1.0</maven-antrun.version>
<commons-crypto.version>1.1.0</commons-crypto.version>
<commons-cli.version>1.5.0</commons-cli.version>
- <bouncycastle.version>1.60</bouncycastle.version>
+ <bouncycastle.version>1.70</bouncycastle.version>
<tink.version>1.9.0</tink.version>
<!--
Please don't upgrade the version to 4.1.94.Final,
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org
For additional commands, e-mail: commits-h...@spark.apache.org
