Address bounce castle cve alert

chore: Update bouncy castle depdendency to address the following vulnerability: - [CVE-2023-33201](https://nvd.nist.gov/vuln/detail/CVE-2023-33201): Bouncy Castle For Java LDAP injection vulnerability Signed-off-by: Spolti <fspolti@redhat.com>
spolti · Nov 16, 2023 · b18bd44 · b18bd44
1 parent c1fb9fb
commit b18bd44
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/pom.xml b/pom.xml
@@ -74,7 +74,7 @@
     <!-- Care must be taken when updating the prometheus client lib version
          since we have some custom optimized extensions to this -->
     <prometheus-version>0.9.0</prometheus-version>
-    <bouncycastle-version>1.70</bouncycastle-version>
+    <bouncycastle-version>1.74</bouncycastle-version>
     <junit-version>5.9.3</junit-version>
 
     <dockerhome>${project.build.directory}/dockerhome</dockerhome>
@@ -450,7 +450,7 @@
        generate a self-signed server certificate -->
     <dependency>
       <groupId>org.bouncycastle</groupId>
-      <artifactId>bcpkix-jdk15on</artifactId>
+      <artifactId>bcpkix-jdk18on</artifactId>
       <version>${bouncycastle-version}</version>
     </dependency>