Skip to content

upgrade to bouncycastle 1.78.1 due to CVEs #2326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
pjfanning wants to merge 2 commits into from
Closed

upgrade to bouncycastle 1.78.1 due to CVEs #2326

pjfanning wants to merge 2 commits into from

Conversation

@pjfanning
Copy link

@pjfanning pjfanning commented May 7, 2024

@pjfanning pjfanning requested a review from a team as a code owner May 7, 2024 10:18
@R3dError
Copy link

R3dError commented Jun 3, 2024

+1
There is also a dependabot pull request (#2254), which is obsolete because the security issues are not fixed in version 1.77

@fbuetler
Copy link

fbuetler commented Jun 4, 2024

We'd appreciate a soon merge of this PR as well, as it fixes 4 CVEs:
https://www.bouncycastle.org/resources/java-release-1-78-1-is-now-available-for-download/

@winne42
Copy link

winne42 commented Jul 8, 2024

@eddumelendez could you merge this pls?

@eddumelendez
Copy link
Member

eddumelendez commented Apr 1, 2025

Thanks for your contribution but the dependencies have been updated via dependabot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@pjfanning @R3dError @fbuetler @winne42 @eddumelendez