Bouncy Castle 1.65 instead of 1.54

[Neustradamus]

Bouncy Castle 1.65 instead of 1.54: https://www.bouncycastle.org/releasenotes.html

• http://www.bouncycastle.org/latest_releases.html

Note:

• In official source: https://polydistortion.net/bc/download/ Packages have not the "." in version.

• In maven.org: Packages have "." in version.

CVEs:

• https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=bouncy%20castle
• https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=bouncycastle
• https://www.cvedetails.com/vulnerability-list/vendor_id-7637/Bouncycastle.html

[jitsi-jenkins]

Hi, thanks for your contribution! If you haven't already done so, could you please make sure you sign our CLA (https://jitsi.org/icla for individuals and https://jitsi.org/ccla for corporations)? We would unfortunately be unable to merge your patch unless we have that piece :(.

[bgrozev]

Unfortunately I think there's breaking API changes

[ibauersachs]

The entire TLS API of BouncyCastle was migrated to a different library. This is a note from when it was only deprecated:

Migrate to the (D)TLS API in org.bouncycastle.tls (bctls jar).

[bgrozev]

I'll close this one because the branch name clashes with the ones in other projects, leading to tests failing (see jitsi/jitsi-media-transform#253). Please re-open with a different branch name if necessary.

[Neustradamus]

@bgrozev: It is in master, I do not understand.

I need to open an identical PR that this here?

Please reopen this ticket, there is no solution here.

• https://github.com/jitsi/libjitsi/search?q=bouncycastle&unscoped_q=bouncycastle Bouncy Castle is always in 1.54.

[Neustradamus]

@bgrozev, @ibauersachs: Can you reopen please?

[ibauersachs]

As Boris said, please create a new PR with a different branch name.

[JonathanLennox]

Also, @Neustradamus, please review the failing "Build with Maven" step in the failing tests, above (linked from the red "x" next to the commit ID) and make sure that any new PR you submit builds correctly.

[Neustradamus]

Ok, can you reopen, it is better to have once PR ;) Why a new branch?

[bgrozev]

Why a new branch?

Our system for PR testing uses the branch name to match PRs between different projects. For example, the jitsi-media-transform PR test was failing because it was trying to also build libjitsi from this PR, causing un unrelated failure. If we re-open it, all of your PRs with this branch name will fail.