This is an automated email from the ASF dual-hosted git repository.
abhishekrb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 4c1a28b2ccb Fix CVE-2025-8916: Update bcpkix-jdk18on from 1.78.1 to
1.79 (#18834)
4c1a28b2ccb is described below
commit 4c1a28b2ccb89f3de8248873f47e42751adcf024
Author: Ashwin Tumma <[email protected]>
AuthorDate: Thu Dec 11 08:32:29 2025 -0800
Fix CVE-2025-8916: Update bcpkix-jdk18on from 1.78.1 to 1.79 (#18834)
Upgraded org.bouncycastle:bcpkix-jdk18on version from 1.78.1 to 1.79 to
resolve CVE-2025-8916.
---
licenses.yaml | 2 +-
pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/licenses.yaml b/licenses.yaml
index 92e2359f6f0..5aba2c2c137 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -1119,7 +1119,7 @@ name: org.bouncycastle bcprov-jdk18on
license_category: binary
module: extensions/druid-kubernetes-extensions
license_name: MIT License
-version: "1.78.1"
+version: "1.79"
libraries:
- org.bouncycastle: bcprov-jdk18on
- org.bouncycastle: bcprov-ext-jdk18on
diff --git a/pom.xml b/pom.xml
index 55c65a262d4..d36c1e7eac9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -425,7 +425,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
- <version>1.78.1</version>
+ <version>1.79</version>
</dependency>
<!-- Transitive dependency of hive-common in druid-kerberos,
druid-ranger-security and
druid-iceberg-extension -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
