From cf340c2a098a253a40b7f0c179c979d802df03e4 Mon Sep 17 00:00:00 2001
From: eshaffer321 <erick.shaffer321@gmail.com>
Date: Wed, 17 Apr 2024 04:32:46 -0600
Subject: [PATCH] Update bouncyCastle to 1.78 to mitigate CVE-2024-29857 (#938)

Bouncy Caste version before 1.78 have

CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.

Is sshj impacted by this vulnerability?
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index b34e80cb..d131fc2b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -41,7 +41,7 @@ compileJava {
 
 configurations.implementation.transitive = false
 
-def bouncycastleVersion = "1.75"
+def bouncycastleVersion = "1.78"
 def sshdVersion = "2.10.0"
 
 dependencies {