Skip to content

CVE-2023-33201 - new Encryption SDK release? #1669

New issue
New issue
Closed
Closed
CVE-2023-33201 - new Encryption SDK release?#1669
Labels
pending releaseCode is merged but has not been pushed to Maven.
@mrwilby

Description

@mrwilby
mrwilby
opened on Jun 23, 2023

This library appears to depend upon a vulnerable release of bouncy castle (BC).

Is it possible to bump the dependencies to a patched BC version and release a new artifact?

https://github.com/bcgit/bc-java/wiki/CVE-2023-33201

Metadata

Metadata

Assignees

No one assigned

    Labels

    pending releaseCode is merged but has not been pushed to Maven.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions