Skip to content

Bump sslcontext-kickstart-for-pem from 7.4.11 to 8.1.7

dependabot requested to merge dependabot-maven-io.github.hakky54-sslcontext-kickstart-for-pem-8.1.7 into main

Bumps sslcontext-kickstart-for-pem from 7.4.11 to 8.1.7.

Changelog

Sourced from sslcontext-kickstart-for-pem's changelog.

v8.1.7

  • Resolved CVE-2023-33201 LDAP injection vulnerability caused by transitive dependency of Bouncy Castle in the library of sslcontext-kickstart-for-pem
  • Bumped dependencies
  • Filter out duplicate extracted certificates
  • Add appending capabilities to an existing keystore
  • Added option to extract port from uri

v8.1.6

  • Bug-fix Resolved antivirus alert by removing shell script layer from Mac OS X command to fetch system trusted Certificate Authorities
  • Bug-fix Resolved antivirus alert by excluding ~/Library/Keychains/login.keychain-db keychain file from MacCertificateUtils
  • Bumped dependencies
  • Added method to check if a certificate is a self-signed one in CertificateUtils

v8.1.5

  • Bug-fix Resolve exception for system certificates on Mac and Linux
  • Bump dependencies
  • Reduce code duplication

v8.1.4

  • Bug-fix Filter out unsupported ciphers and protocols

v8.1.3

  • Added default hostname verifier in HostnameVerifierUtils
  • Marked a method in HostnameVerifierUtils as deprecated
  • Align behaviour of SSLContext, SSLEngine, SSLSocketFactory and SSLServerSocketFactory with custom SSLContext
  • Added Enhanceable HostnameVerifier
  • Improve duplicate checker for InflatableTrustManager

v8.1.2

  • Add support for new Windows KeyStore types
  • Added debug logger when using UnsafeTrustManager
  • Bump dependencies
  • Improve readability of InflatableTrustManager
  • Reduced code duplication
  • Additional methods for KeyStoreUtils
  • Simplify usage of EnhanceableTrustManager and InflatableTrustManager
  • Made CertificateExtractorUtils thread safe
  • Applied sonar recommendations

v8.1.1

  • Bug fix InvalidAlgorithmParameterException: trustAnchors parameter must be non empty for InflatableTrustManager
  • Bug fix InvalidAlgorithmParameterException: trustAnchors parameter must be non empty for CombinableTrustManager

v8.1.0

  • Add support for trusting additional certificates at runtime
  • Bugfix concurrency issue FenixHostnameVerifier
  • Improved generating aliases for certificates

... (truncated)

Commits
  • 38c8bd5 [maven-release-plugin] prepare release v8.1.7
  • 9f82cd8 Updated docs
  • 6784b62 Fixes #387 by moving to latest Bouncy Castle for Java 8
  • e4fe009 Bump version.netty-handler from 4.1.98.Final to 4.1.99.Final (#385)
  • 956f09b Bump com.mycila:license-maven-plugin from 4.2 to 4.3 (#386)
  • 3e8c7af Include Java 21 for GitHub CI (#383)
  • f98c0f5 Added asserting exception class
  • 6136b9e Bump version.netty-handler from 4.1.97.Final to 4.1.98.Final (#382)
  • 955900e Retain the order of processing in the resulting collection
  • db17b0d Retain the order of insertion for aliases
  • Additional commits viewable in compare view

Dependabot commands
You can trigger Dependabot actions by commenting on this MR
  • $dependabot rebase will rebase this MR
  • $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Merge request reports