[ https://issues.apache.org/jira/browse/MEECROWAVE-338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17854092#comment-17854092 ]
Mark Struberg commented on MEECROWAVE-338: ------------------------------------------ This is just for unit tests. We don't use it for any prod code. Thus it's also just a test dependency and no CVE issue. > move Oauth2Test from sun.security to Bouncycastle > ------------------------------------------------- > > Key: MEECROWAVE-338 > URL: https://issues.apache.org/jira/browse/MEECROWAVE-338 > Project: Meecrowave > Issue Type: Improvement > Affects Versions: 1.2.15 > Reporter: Mark Struberg > Assignee: Mark Struberg > Priority: Major > Fix For: 1.2.16, 2.0.0 > > > We still use sun.security to generate our key files. We should use > bouncycastle instead. -- This message was sent by Atlassian Jira (v8.20.10#820010)