From bf0946131f51d9d6135349be09b261d7c4e2800b Mon Sep 17 00:00:00 2001
From: eshaffer321 <erick.shaffer321@gmail.com>
Date: Mon, 15 Apr 2024 16:05:04 -0600
Subject: [PATCH] Update bouncyCastle to 1.78 to mitigate CVE-2024-29857

Bouncy Caste version before 1.78 have

CVE-2024-29857 - Importing an EC certificate with specially crafted F2m parameters can cause high CPU usage during parameter evaluation.

Is sshj impacted by this vulnerability?
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index b34e80cb..d131fc2b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -41,7 +41,7 @@ compileJava {
 
 configurations.implementation.transitive = false
 
-def bouncycastleVersion = "1.75"
+def bouncycastleVersion = "1.78"
 def sshdVersion = "2.10.0"
 
 dependencies {