Update Tor, Lyrebird and Bouncy Castle.

The Bouncy Castle update fixes a CVE in Ed25519 signature verification: https://www.bouncycastle.org/resources/java-release-1-78-1-is-now-available-for-download/
2026-02-11 18:29:05 +01:00 · 2025-10-27 12:23:37 +00:00
parent a53e3f2d47
commit 7b6dd54977
4 changed files with 13 additions and 11 deletions
--- a/bramble-core/witness.gradle
+++ b/bramble-core/witness.gradle
@@ -31,7 +31,7 @@ dependencyVerification {
 		'net.ltgt.gradle.incap:incap:0.2:incap-0.2.jar:b625b9806b0f1e4bc7a2e3457119488de3cd57ea20feedd513db070a573a4ffd',
 		'org.apache-extras.beanshell:bsh:2.0b6:bsh-2.0b6.jar:a17955976070c0573235ee662f2794a78082758b61accffce8d3f8aedcd91047',
 		'org.bitlet:weupnp:0.1.4:weupnp-0.1.4.jar:88df7e6504929d00bdb832863761385c68ab92af945b04f0770b126270a444fb',
-		'org.bouncycastle:bcprov-jdk15to18:1.71:bcprov-jdk15to18-1.71.jar:143aaa4a40edd5fc2a18db7900059f6c16f4d931b94b94b20f7e2238e6662886',
+		'org.bouncycastle:bcprov-jdk15to18:1.82:bcprov-jdk15to18-1.82.jar:9c9ccecb08a0b00bd2a74afa6567d81d61a02bba1364f24e33fa0c4c1e929821',
 		'org.briarproject:jtorctl:0.5:jtorctl-0.5.jar:43f8c7d390169772b9a2c82ab806c8414c136a2a8636c555e22754bb7260793b',
 		'org.briarproject:null-safety:0.1:null-safety-0.1.jar:161760de5e838cb982bafa973df820675d4397098e9a91637a36a306d43ba011',
 		'org.briarproject:onionwrapper-core:0.1.3:onionwrapper-core-0.1.3.jar:32d08c9d81a9591e08d7e64e3569334fee21f503b00514006f2e6cbbd409d0df',