Bug 62113 - Update Bouncycastle Version to 1.59
Summary: Update Bouncycastle Version to 1.59
Status: RESOLVED FIXED
Alias: None
Product: JMeter
Classification: Unclassified
Component: Main (show other bugs)
Version: Nightly (Please specify date)
Hardware: PC All
: P2 normal (vote)
Target Milestone: JMETER_5.0
Assignee: JMeter issues mailing list
URL:
Keywords: FixedInTrunk
Depends on:
Blocks:
 
Reported: 2018-02-17 23:34 UTC by Olaf Flebbe
Modified: 2018-09-13 20:09 UTC (History)
1 user (show)



Attachments
patch file (1.86 KB, application/mbox)
2018-02-17 23:34 UTC, Olaf Flebbe
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Olaf Flebbe 2018-02-17 23:34:04 UTC
Created attachment 35734 [details]
patch file

Please update bouncycastle to latest version 1.59.

JMeter compiles and a very basic test worked.
Comment 1 Olaf Flebbe 2018-02-17 23:51:06 UTC
The version 1.49 of bouncycastle is known to be vulnerable and has at least two CVE's logged.

While I do not think jmeter has an open attack vendor (since it seems only be used for SMIME), I would recommend to update anyway.
Comment 2 Felix Schumacher 2018-02-18 09:50:25 UTC
Thanks for your contribution. It has been for long on my todo list.
When updating libraries, don't forget maven and eclipse :)

Date: Sun Feb 18 09:48:23 2018
New Revision: 1824652

URL: http://svn.apache.org/viewvc?rev=1824652&view=rev
Log:
Updated to latest Bouncycastle (v1.59)

Based on contribution by Olaf Flebbe (of at oflebbe.de)

Bugzilla Id: 62113

Modified:
    jmeter/trunk/build.properties
    jmeter/trunk/eclipse.classpath
    jmeter/trunk/res/maven/ApacheJMeter_parent.pom
    jmeter/trunk/xdocs/changes.xml
Comment 3 Olaf Flebbe 2018-02-18 09:59:30 UTC
Yep, the other references slipped my attention.
Thanks!
Comment 4 Felix Schumacher 2018-02-18 10:04:19 UTC
Date: Sun Feb 18 10:03:52 2018
New Revision: 1824655

URL: http://svn.apache.org/viewvc?rev=1824655&view=rev
Log:
Update contributors section and change mail address to apache

Bugzilla Id: 62113

Modified:
    jmeter/trunk/xdocs/changes.xml
Comment 5 Felix Schumacher 2018-02-18 10:05:52 UTC
Date: Sun Feb 18 10:05:28 2018
New Revision: 1824656

URL: http://svn.apache.org/viewvc?rev=1824656&view=rev
Log:
Use correct mail address

Bugzilla Id: 62113

Modified:
    jmeter/trunk/xdocs/changes.xml
Comment 6 Felix Schumacher 2018-09-13 20:09:01 UTC
Date: Thu Sep 13 20:08:28 2018
New Revision: 1840857

URL: http://svn.apache.org/viewvc?rev=1840857&view=rev
Log:
Update BouncyCastle to v1.60

As there has been no release since the last update to v1.59, this
commit will be added to the "old" bug entry.

Bugzilla Id: 62113

Modified:
    jmeter/trunk/build.properties
    jmeter/trunk/eclipse.classpath
    jmeter/trunk/res/maven/ApacheJMeter_parent.pom
    jmeter/trunk/xdocs/changes.xml