Skip to content

Commit

Permalink
Update bouncyCastle to 1.78 to mitigate CVE-2024-29857 (#938)
Browse files Browse the repository at this point in the history 
Bouncy Caste version before 1.78 have 

CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.

Is sshj impacted by this vulnerability?
  • Loading branch information
@eshaffer321
eshaffer321 committed Apr 17, 2024
1 parent 586a664 commit cf340c2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ compileJava {

configurations.implementation.transitive = false

def bouncycastleVersion = "1.75"
def bouncycastleVersion = "1.78"
def sshdVersion = "2.10.0"

dependencies {
Expand Down

0 comments on commit cf340c2

Please sign in to comment.