Update BouncyCastle FIPS

[gpl/argeo-tp.git] / repackage / crypto / fips / org.argeo.tp.crypto / bouncycastle / bc-noncert.bnd.disabled

diff --git a/repackage/crypto/fips/org.argeo.tp.crypto/bouncycastle/bc-noncert.bnd.disabled b/repackage/crypto/fips/org.argeo.tp.crypto/bouncycastle/bc-noncert.bnd.disabled
new file mode 100644 (file)
index 0000000..4788299
--- /dev/null
+++ b/repackage/crypto/fips/org.argeo.tp.crypto/bouncycastle/bc-noncert.bnd.disabled
@@ -0,0 +1,5 @@
+# !! The current version is unsafe, see:
+# https://github.com/bcgit/bc-java/wiki/CVE-2022-45146
+Argeo-Origin-M2: org.bouncycastle:bc-noncert:1.0.2.4
+Argeo-Origin-URI: https://downloads.bouncycastle.org/fips-java/bc-noncert-1.0.2.4.jar
+Argeo-Origin-Sources-URI: https://downloads.bouncycastle.org/fips-java/bc-noncert-1.0.2.4-sources.jar