HADOOP-18540. Upgrade Bouncy Castle to 1.70 (#5166)

This addresses
- [sonatype-2021-4916] CWE-327: Use of a Broken or Risky Cryptographic Algorithm
- [sonatype-2019-0673] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Contributed by Murali Krishna
This commit is contained in:
Murali Krishna 2024-01-02 00:34:06 +05:30 committed by GitHub
parent 9a4d10763c
commit 9edcf42c78
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 3 deletions

View File

@ -479,8 +479,9 @@ com.microsoft.azure:azure-cosmosdb-gateway:2.4.5
com.microsoft.azure:azure-data-lake-store-sdk:2.3.3 com.microsoft.azure:azure-data-lake-store-sdk:2.3.3
com.microsoft.azure:azure-keyvault-core:1.0.0 com.microsoft.azure:azure-keyvault-core:1.0.0
com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7 com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7
org.bouncycastle:bcpkix-jdk15on:1.68 org.bouncycastle:bcpkix-jdk15on:1.70
org.bouncycastle:bcprov-jdk15on:1.68 org.bouncycastle:bcprov-jdk15on:1.70
org.bouncycastle:bcutil-jdk15on:1.70
org.checkerframework:checker-qual:2.5.2 org.checkerframework:checker-qual:2.5.2
org.codehaus.mojo:animal-sniffer-annotations:1.21 org.codehaus.mojo:animal-sniffer-annotations:1.21
org.jruby.jcodings:jcodings:1.0.13 org.jruby.jcodings:jcodings:1.0.13

View File

@ -111,7 +111,7 @@
<guava.version>27.0-jre</guava.version> <guava.version>27.0-jre</guava.version>
<guice.version>4.2.3</guice.version> <guice.version>4.2.3</guice.version>
<bouncycastle.version>1.68</bouncycastle.version> <bouncycastle.version>1.70</bouncycastle.version>
<!-- Required for testing LDAP integration --> <!-- Required for testing LDAP integration -->
<apacheds.version>2.0.0.AM26</apacheds.version> <apacheds.version>2.0.0.AM26</apacheds.version>