Created attachment 35734 [details] patch file Please update bouncycastle to latest version 1.59. JMeter compiles and a very basic test worked.
The version 1.49 of bouncycastle is known to be vulnerable and has at least two CVE's logged. While I do not think jmeter has an open attack vendor (since it seems only be used for SMIME), I would recommend to update anyway.
Thanks for your contribution. It has been for long on my todo list. When updating libraries, don't forget maven and eclipse :) Date: Sun Feb 18 09:48:23 2018 New Revision: 1824652 URL: http://svn.apache.org/viewvc?rev=1824652&view=rev Log: Updated to latest Bouncycastle (v1.59) Based on contribution by Olaf Flebbe (of at oflebbe.de) Bugzilla Id: 62113 Modified: jmeter/trunk/build.properties jmeter/trunk/eclipse.classpath jmeter/trunk/res/maven/ApacheJMeter_parent.pom jmeter/trunk/xdocs/changes.xml
Yep, the other references slipped my attention. Thanks!
Date: Sun Feb 18 10:03:52 2018 New Revision: 1824655 URL: http://svn.apache.org/viewvc?rev=1824655&view=rev Log: Update contributors section and change mail address to apache Bugzilla Id: 62113 Modified: jmeter/trunk/xdocs/changes.xml
Date: Sun Feb 18 10:05:28 2018 New Revision: 1824656 URL: http://svn.apache.org/viewvc?rev=1824656&view=rev Log: Use correct mail address Bugzilla Id: 62113 Modified: jmeter/trunk/xdocs/changes.xml
Date: Thu Sep 13 20:08:28 2018 New Revision: 1840857 URL: http://svn.apache.org/viewvc?rev=1840857&view=rev Log: Update BouncyCastle to v1.60 As there has been no release since the last update to v1.59, this commit will be added to the "old" bug entry. Bugzilla Id: 62113 Modified: jmeter/trunk/build.properties jmeter/trunk/eclipse.classpath jmeter/trunk/res/maven/ApacheJMeter_parent.pom jmeter/trunk/xdocs/changes.xml
This issue has been migrated to GitHub: https://github.com/apache/jmeter/issues/4697