[jira] [Created] (TEZ-4560) Upgrade bouncycastle to 1.77 due to CVE.

Shilun Fan (Jira) Sat, 04 May 2024 20:53:04 -0700

Shilun Fan created TEZ-4560:
-------------------------------

             Summary: Upgrade bouncycastle to 1.77 due to CVE.
                 Key: TEZ-4560
                 URL: https://issues.apache.org/jira/browse/TEZ-4560
             Project: Apache Tez
          Issue Type: Improvement
            Reporter: Shilun Fan
            Assignee: Shilun Fan



There are 2 CVE issues in bcprov-jdk15on, CVE-2023-33202 and CVE-2023-33201. We 
can find more information at the following link:

[https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.70]

 

[CVE-2023-33202|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33202]
[CVE-2023-33201|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33201]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (TEZ-4560) Upgrade bouncycastle to 1.77 due to CVE.

Reply via email to