Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-16894

Security vulnerability in Bouncy Castle Provider (Sync Connector)

    Details

      Description

      Liferay Sync Connector 4.1, and 5.0 includes Bouncy Castle Provider 1.54 which has known vulnerabilities. For more details, please see https://www.cvedetails.com/vulnerability-list/vendor_id-7637/product_id-12935/version_id-193687/Bouncycastle-Legion-of-the-bouncy-castle-java-crytography-ap.html

       

      Affected Products Fixed Version/s
      Liferay Sync Connector for DXP 7.0 4.1.5+
      Liferay Sync Connector for DXP 7.1 5.0.1+

        Attachments

          Activity

            People

            • Assignee:
              support-ee EE Support
              Reporter:
              EnterpriseReleaseHU Enterprise Release HU
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Packages

                Version Package
                7.0.X EE
                7.1.x EE
                7.2.X EE