Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-15832

Upgrade BouncyCastle to 1.60

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.0, 3.3.0
    • Fix Version/s: 3.3.0, 3.2.1
    • Component/s: None
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      As part of my work on YARN-6586, I noticed that we're using a very old version of BouncyCastle:

      <dependency>
         <groupId>org.bouncycastle</groupId>
         <artifactId>bcprov-jdk16</artifactId>
         <version>1.46</version>
         <scope>test</scope>
      </dependency>
      

      The *-jdk16 artifacts have been discontinued and are not recommended (see http://bouncy-castle.1462172.n4.nabble.com/Bouncycaslte-bcprov-jdk15-vs-bcprov-jdk16-td4656252.html).
      In particular, the newest release, 1.46, is from 2011!
      https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16

      The currently maintained and recommended artifacts are *-jdk15on:
      https://www.bouncycastle.org/latest_releases.html
      They're currently on version 1.60, released only a few months ago.

      We should update BouncyCastle to the *-jdk15on artifacts and the 1.60 release. It's currently a test-only artifact, so there should be no backwards-compatibility issues with updating this. It's also needed for YARN-6586, where we'll actually be shipping it.

        Attachments

        1. HADOOP-15832.001.patch
          13 kB
          Robert Kanter
        2. HADOOP-15832.addendum.patch
          0.4 kB
          Robert Kanter

        Issue Links

          Activity

            People

            • Assignee:
              rkanter Robert Kanter
              Reporter:
              rkanter Robert Kanter

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment