Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-4336

Upgrade bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 9.1.3
    • 9.1.4
    • TomEE Core Server
    • None

    Description

      New vulnerabilities in bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

      Looks like these are already addressed in 1.78 version, so upgrade to 1.78 or 1.78.1

      bcprov-jdk15to18-1.76.jar

      CVE-2024-29857
      CVE-2024-30171
      CVE-2024-30172
      CVE-2024-34447

      bcpkix-jdk15to18-1.76.jar

      CVE-2024-29857
      CVE-2024-30171
      CVE-2024-30172

      Attachments

        Issue Links

          is cloned by

          Dependency upgrade - Upgrading a dependency to a newer version TOMEE-4337 bcprov-jdk15to18-1.76.jar and bcpkix-jdk15to18-1.76.jar

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              jungm Markus Jung
              rthannee RAJU THANNEERU
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: