[HADOOP-17898] Upgrade BouncyCastle to 1.69 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Duplicate
Affects Version/s: 3.4.0, 2.10.2, 3.2.3, 3.3.2
Fix Version/s: None
Component/s: None
Labels:
- pull-request-available

Description

Vulnerabilities reported in BouncyCastle:
CVE-2020-26939 moderate severity
CVE-2020-15522 moderate severity

Affecting releases before 1.66.

Upgrade to latest 1.69.

Attachments

Issue Links

duplicates

HADOOP-17563 Update Bouncy Castle to 1.68 or later

Resolved

supercedes

HADOOP-15832 Upgrade BouncyCastle to 1.60

Resolved

links to

GitHub Pull Request #3397

GitHub Pull Request #3398

Activity

People

Assignee:: Ahmed Hussein

Reporter:: Ahmed Hussein

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 07/Sep/21 16:50

Updated:: 08/Sep/21 17:01

Resolved:: 08/Sep/21 10:50

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

1h