From c8b8fb4e82d33a470f10a447f4799cc872fb3c01 Mon Sep 17 00:00:00 2001
From: PJ Fanning <pjfanning@users.noreply.github.com>
Date: Tue, 21 Oct 2025 02:42:28 +0100
Subject: [PATCH] HADOOP-19730. Upgrade Bouncycastle to 1.82 due to
 CVE-2025-8916 (#8039) Contributed by PJ Fanning

* HADOOP-19730. Upgrade Bouncycastle to 1.82 due to CVE-2025-8916

Signed-off-by: Shilun Fan <slfan1989@apache.org>
---
 LICENSE-binary                                              | 6 +++---
 .../hadoop-cos/src/site/markdown/cloud-storage/index.md     | 2 +-
 hadoop-project/pom.xml                                      | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/LICENSE-binary b/LICENSE-binary
index fca54b86e8845..120ff15f81896 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -479,9 +479,9 @@ com.microsoft.azure:azure-cosmosdb-gateway:2.4.5
 com.microsoft.azure:azure-data-lake-store-sdk:2.3.3
 com.microsoft.azure:azure-keyvault-core:1.0.0
 com.microsoft.sqlserver:mssql-jdbc:6.2.1.jre7
-org.bouncycastle:bcpkix-jdk18on:1.78.1
-org.bouncycastle:bcprov-jdk18on:1.78.1
-org.bouncycastle:bcutil-jdk18on:1.78.1
+org.bouncycastle:bcpkix-jdk18on:1.82
+org.bouncycastle:bcprov-jdk18on:1.82
+org.bouncycastle:bcutil-jdk18on:1.82
 org.checkerframework:checker-qual:3.8.0
 org.codehaus.mojo:animal-sniffer-annotations:1.24
 org.jruby.jcodings:jcodings:1.0.13
diff --git a/hadoop-cloud-storage-project/hadoop-cos/src/site/markdown/cloud-storage/index.md b/hadoop-cloud-storage-project/hadoop-cos/src/site/markdown/cloud-storage/index.md
index 60c9c9065946f..fe1269a3d9eef 100644
--- a/hadoop-cloud-storage-project/hadoop-cos/src/site/markdown/cloud-storage/index.md
+++ b/hadoop-cloud-storage-project/hadoop-cos/src/site/markdown/cloud-storage/index.md
@@ -86,7 +86,7 @@ Linux kernel 2.6+
 - joda-time (version 2.9.9 recommended)
 - httpClient (version 4.5.1 or later recommended)
 - Jackson: jackson-core, jackson-databind, jackson-annotations (version 2.9.8 or later)
-- bcprov-jdk18on (version 1.78.1 recommended)
+- bcprov-jdk18on (version 1.82 recommended)
 
 
 #### Configure Properties
diff --git a/hadoop-project/pom.xml b/hadoop-project/pom.xml
index b17e5e15d37dc..08a78805c45cc 100644
--- a/hadoop-project/pom.xml
+++ b/hadoop-project/pom.xml
@@ -111,7 +111,7 @@
     <guava.version>32.0.1-jre</guava.version>
     <guice.version>4.2.3</guice.version>
 
-    <bouncycastle.version>1.78.1</bouncycastle.version>
+    <bouncycastle.version>1.82</bouncycastle.version>
 
     <!-- Required for testing LDAP integration -->
     <apacheds.version>2.0.0.AM26</apacheds.version>