This is an automated email from the ASF dual-hosted git repository. srowen pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push: new aec34451297 [SPARK-44441][BUILD] Upgrade `bcprov-jdk15on` and `bcpkix-jdk15on` to 1.70 aec34451297 is described below commit aec3445129789c5b1d768333bacf3f3e680d73a0 Author: yangjie01 <yangji...@baidu.com> AuthorDate: Sat Jul 15 12:17:07 2023 -0500 [SPARK-44441][BUILD] Upgrade `bcprov-jdk15on` and `bcpkix-jdk15on` to 1.70 ### What changes were proposed in this pull request? This pr aims to upgrade `bcprov-jdk15on` and `bcpkix-jdk15on` from 1.60 to 1.70 ### Why are the changes needed? The new version fixed [CVE-2020-15522](https://github.com/bcgit/bc-java/wiki/CVE-2020-15522). The release notes as follows: - https://www.bouncycastle.org/releasenotes.html#r1rv70 ### Does this PR introduce _any_ user-facing change? No, just upgrade test dependency ### How was this patch tested? Pass Git Hub Actions Closes #42015 from LuciferYang/SPARK-44441. Authored-by: yangjie01 <yangji...@baidu.com> Signed-off-by: Sean Owen <sro...@gmail.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index eac34643fc9..3c2107b1b00 100644 --- a/pom.xml +++ b/pom.xml @@ -214,7 +214,7 @@ <maven-antrun.version>3.1.0</maven-antrun.version> <commons-crypto.version>1.1.0</commons-crypto.version> <commons-cli.version>1.5.0</commons-cli.version> - <bouncycastle.version>1.60</bouncycastle.version> + <bouncycastle.version>1.70</bouncycastle.version> <tink.version>1.9.0</tink.version> <!-- Please don't upgrade the version to 4.1.94.Final, --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org