You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The version of Bouncy Castle used in the existing latest release (1.1.9) has a known vulnerability CVE-2024-29857. Bouncy castle has new version bcpkix-jdk18on-1.78.1 that does not have any known vulnerabilities.
Are there plans to include this version of bouncy castle and create a new release ?
The text was updated successfully, but these errors were encountered:
Hey @khfds2024! Thanks for reporting this important issue! I've investigated and opened #91 to resolve this. I will cut a new release today and report here. Thanks again for reporting this!
The version of Bouncy Castle used in the existing latest release (1.1.9) has a known vulnerability CVE-2024-29857. Bouncy castle has new version bcpkix-jdk18on-1.78.1 that does not have any known vulnerabilities.
Are there plans to include this version of bouncy castle and create a new release ?
The text was updated successfully, but these errors were encountered: