[
https://issues.apache.org/jira/browse/KNOX-3061?focusedWorklogId=944550&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-944550
]
ASF GitHub Bot logged work on KNOX-3061:
----------------------------------------
Author: ASF GitHub Bot
Created on: 20/Nov/24 10:35
Start Date: 20/Nov/24 10:35
Worklog Time Spent: 10m
Work Description: hanicz opened a new pull request, #964:
URL: https://github.com/apache/knox/pull/964
## What changes were proposed in this pull request?
Upgrade Bouncy Castle to 1.78 due to
- CVE-2023-33202
- CVE-2023-33201
- CVE-2024-29857
- CVE-2024-30171
- CVE-2024-30172
- CVE-2024-34447
## How was this patch tested?
Ran tests locally
Checked the dependency tree with: `mvn dependency:tree
-Dincludes=org.bouncycastle | grep "org.bouncycastle"`
Checked the dep folder after ant install-test-home with: `ls -la *bp*`
Issue Time Tracking
-------------------
Worklog Id: (was: 944550)
Remaining Estimate: 0h
Time Spent: 10m
> Upgrade Bouncy Castle to 1.78
> -----------------------------
>
> Key: KNOX-3061
> URL: https://issues.apache.org/jira/browse/KNOX-3061
> Project: Apache Knox
> Issue Type: Task
> Components: Build
> Affects Versions: 2.1.0
> Reporter: Tamás Hanicz
> Priority: Minor
> Fix For: 2.1.0
>
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Upgrade Bouncy Castle to 1.78 due to CVE-2023-33202, CVE-2023-33201,
> CVE-2024-29857, CVE-2024-30171, CVE-2024-30172 and CVE-2024-34447
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
