Skip to content

Commit

Permalink
[fix][sec] Replace bcprov-jdk15on dependency with bcprov-jdk18-on (#2…
Browse files Browse the repository at this point in the history 
…3532)
  • Loading branch information
@lhotari
lhotari authored Oct 31, 2024
1 parent 85aa046 commit f196e2c
Show file tree
Hide file tree
Showing 3 changed files with 46 additions and 1 deletion.
22 changes: 22 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -962,6 +962,12 @@ flexible messaging model and an intuitive client API.</description>
<version>${caffeine.version}</version>
</dependency>

<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>${bouncycastle.version}</version>
</dependency>

<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
Expand Down Expand Up @@ -1324,6 +1330,10 @@ flexible messaging model and an intuitive client API.</description>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand All @@ -1335,6 +1345,10 @@ flexible messaging model and an intuitive client API.</description>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand All @@ -1346,6 +1360,10 @@ flexible messaging model and an intuitive client API.</description>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand All @@ -1357,6 +1375,10 @@ flexible messaging model and an intuitive client API.</description>
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- dnsjava is pulled in by hadoop-common -->
Expand Down
8 changes: 8 additions & 0 deletions pulsar-io/hdfs3/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,16 @@
<groupId>org.apache.avro</groupId>
<artifactId>avro</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
</dependency>

<dependency>
<groupId>jakarta.activation</groupId>
Expand Down
17 changes: 16 additions & 1 deletion tiered-storage/file-system/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,16 @@
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>

<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-hdfs-client</artifactId>
Expand Down Expand Up @@ -85,6 +92,10 @@
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- fix hadoop-commons vulnerable dependencies -->
Expand Down Expand Up @@ -133,6 +144,10 @@
<groupId>dnsjava</groupId>
<artifactId>dnsjava</artifactId>
</exclusion>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>

Expand Down

0 comments on commit f196e2c

Please sign in to comment.