Closed barchetta closed 1 week ago
There is high security issue based on the release notes to versions prior 1.78, so please prioritize this upgrade accordingly, thanks.
For details see CVE-2024-301XX on page https://www.bouncycastle.org/releasenotes.html#r1rv78
Hi @robander - This is already prioritised and is in our roadmap to upgrade the bouncy castle. Please watch this issue for further updates.
Thanks @jyotisaini I assume there is no ETA which could be shared here?
Any status on this?
ETA for the bouncy castle upgrade is 06/04.
@jyotisaini was this released yesterday or is there a new timeline please ?
Hi Robert this is scheduled to go out on 06/11.
Just confirming this has been released yesterday - v3.43.2 - see pom.xml file in https://github.com/oracle/oci-java-sdk/compare/v3.43.1...v3.43.2
Closing as this is fixed in v3.43.2
Please upgrade Bouncy Castle to 1.78 or newer
https://www.bouncycastle.org/releasenotes.html#r1rv78