IGNITE-13084 Update BouncyCastle dependency to fix potential vulnerability - Fixes apache#7861.

SammyVimes · alamar · commit 1bd45aa52c20 · 2020-06-09T12:55:46.000+03:00
Signed-off-by: Ilya Kasnacheev &lt;ilya.kasnacheev@gmail.com&gt;
diff --git a/modules/aws/pom.xml b/modules/aws/pom.xml
@@ -102,6 +102,18 @@
             <groupId>com.amazonaws</groupId>
             <artifactId>aws-encryption-sdk-java</artifactId>
             <version>${aws.encryption.sdk.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.bouncycastle</groupId>
+                    <artifactId>bcprov-ext-jdk15on</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-ext-jdk15on</artifactId>
+            <version>${bouncycastle.version}</version>
         </dependency>
 
         <dependency>
diff --git a/parent/pom.xml b/parent/pom.xml
@@ -55,6 +55,7 @@
         <aws.sdk.version>1.11.75</aws.sdk.version>
         <camel.version>2.22.0</camel.version>
         <aws.encryption.sdk.version>1.3.2</aws.encryption.sdk.version>
+        <bouncycastle.version>1.60</bouncycastle.version>
         <commons.beanutils.bundle.version>1.9.2_1</commons.beanutils.bundle.version>
         <commons.beanutils.version>1.9.4</commons.beanutils.version>
         <commons.codec.version>1.11</commons.codec.version>
