[ https://issues.apache.org/jira/browse/TOMEE-4336?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Markus Jung reassigned TOMEE-4336: ---------------------------------- Assignee: Markus Jung > Upgrade bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > --------------------------------------------------------------- > > Key: TOMEE-4336 > URL: https://issues.apache.org/jira/browse/TOMEE-4336 > Project: TomEE > Issue Type: Dependency upgrade > Components: TomEE Core Server > Affects Versions: 9.1.3 > Reporter: RAJU THANNEERU > Assignee: Markus Jung > Priority: Major > > New vulnerabilities in bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar > Looks like these are already addressed in 1.78 version, so upgrade to 1.78 or > 1.78.1 > *bcprov-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| > |[CVE-2024-34447|https://nvd.nist.gov/vuln/detail/CVE-2024-34447]| > *bcpkix-jdk15to18-1.76.jar* > |[CVE-2024-29857|https://nvd.nist.gov/vuln/detail/CVE-2024-29857]| > |[CVE-2024-30171|https://nvd.nist.gov/vuln/detail/CVE-2024-30171]| > |[CVE-2024-30172|https://nvd.nist.gov/vuln/detail/CVE-2024-30172]| -- This message was sent by Atlassian Jira (v8.20.10#820010)