TEZ-4560. Upgrade bouncycastle to 1.77 due to CVE. #351

Merged
merged 1 commit into from
May 6, 2024


slfan1989
Contributor

JIRA: TEZ-4560. Upgrade bouncycastle to 1.77 due to CVE.

There are 2 CVE issues in bcprov-jdk15on, CVE-2023-33202 and CVE-2023-33201. We can find more information at the following link:

https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.70

The links to the CVEs are as follows:

CVE-2023-33202
CVE-2023-33201

We can upgrade bcprov-jdk15on to bcprov-jdk18on to address the CVE issues.
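
A check a reviewer could run after an upgrade like this one, added here as an example and not part of the pull request or the Tez code base: it walks `mvn dependency:tree` output and reports Bouncy Castle artifacts that still carry the `-jdk15on` suffix or sit below 1.77, together with the dependency that pulls them in. The sample tree, the `org.example` coordinates and the 1.77 floor (taken from the PR title) are assumptions.

```python
import re

# Floor taken from this pull request's title (1.77); it is an assumption of the
# example, not a statement of which release first fixed each CVE.
MIN_VERSION = (1, 77)
LINE = re.compile(r"^(?:\[INFO\] )?([|+\\ -]*)([\w.-]+(?::[\w.-]+){3,5})")

# Constructed `mvn dependency:tree` output; org.example coordinates are hypothetical.
SAMPLE_TREE = r"""
[INFO] org.example:demo-app:jar:1.0.0
[INFO] +- org.bouncycastle:bcprov-jdk18on:jar:1.77:compile
[INFO] +- org.example:legacy-lib:jar:2.3:compile
[INFO] |  +- org.bouncycastle:bcprov-jdk15on:jar:1.70:compile
[INFO] |  \- org.bouncycastle:bcpkix-jdk15on:jar:1.70:compile
[INFO] \- org.example:other-lib:jar:0.9:test
[INFO]    \- org.bouncycastle:bcutil-jdk18on:jar:1.75:test
"""

def parse_version(text):
    """'1.70' -> (1, 70); an unparseable version yields () and is flagged."""
    m = re.match(r"\d+(?:\.\d+)*", text)
    return tuple(int(n) for n in m.group(0).split(".")) if m else ()

def audit(tree_text):
    """Return (artifact, version, via, reasons) for each risky Bouncy Castle entry."""
    findings, stack = [], []
    for line in tree_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        depth = len(m.group(1)) // 3          # tree prefix is 3 characters per level
        parts = m.group(2).split(":")
        group, artifact = parts[0], parts[1]
        version = parts[-1] if depth == 0 else parts[-2]  # dependencies end in :scope
        del stack[depth:]                     # drop siblings and deeper levels
        if group == "org.bouncycastle":
            reasons = []
            if artifact.endswith("-jdk15on"):
                reasons.append("legacy -jdk15on artifact")
            if parse_version(version) < MIN_VERSION:
                reasons.append("version below 1.77")
            if reasons:
                via = " > ".join(stack[1:]) or "direct"
                findings.append((artifact, version, via, reasons))
        stack.append(f"{group}:{artifact}")
    return findings

if __name__ == "__main__":
    for artifact, version, via, reasons in audit(SAMPLE_TREE):
        print(f"{artifact}:{version} via {via}: {', '.join(reasons)}")
```

Because `bcprov-jdk15on` and `bcprov-jdk18on` are different artifact IDs, Maven does not mediate between them, so a transitive `-jdk15on` jar can stay on the classpath next to the upgraded one; the `via` field shows where an exclusion would be needed.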

@tez-yetus

💔 -1 overall

| Vote | Subsystem | Runtime | Comment |
|------|-----------|---------|---------|
| +0 🆗 | reexec | 12m 23s | Docker mode activated. |
| | | | _ Prechecks _ |
| +1 💚 | dupname | 0m 0s | No case conflicting files found. |
| +1 💚 | @author | 0m 0s | The patch does not contain any @author tags. |
| -1 ❌ | test4tests | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. |
| | | | _ master Compile Tests _ |
| +0 🆗 | mvndep | 6m 50s | Maven dependency ordering for branch |
| +1 💚 | mvninstall | 9m 20s | master passed |
| +1 💚 | compile | 1m 59s | master passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 |
| +1 💚 | compile | 1m 58s | master passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| +1 💚 | javadoc | 1m 40s | master passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 |
| +1 💚 | javadoc | 1m 25s | master passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| | | | _ Patch Compile Tests _ |
| +0 🆗 | mvndep | 0m 16s | Maven dependency ordering for patch |
| +1 💚 | mvninstall | 2m 53s | the patch passed |
| +1 💚 | compile | 2m 3s | the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 |
| +1 💚 | javac | 2m 3s | the patch passed |
| +1 💚 | compile | 1m 52s | the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| +1 💚 | javac | 1m 52s | the patch passed |
| +1 💚 | whitespace | 0m 0s | The patch has no whitespace issues. |
| +1 💚 | xml | 0m 3s | The patch has no ill-formed XML file. |
| +1 💚 | javadoc | 1m 26s | the patch passed with JDK Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 |
| +1 💚 | javadoc | 1m 25s | the patch passed with JDK Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| | | | _ Other Tests _ |
| +1 💚 | unit | 2m 5s | tez-api in the patch passed. |
| -1 ❌ | unit | 27m 57s | tez-tests in the patch failed. |
| -1 ❌ | unit | 41m 24s | root in the patch failed. |
| +1 💚 | asflicense | 1m 3s | The patch does not generate ASF License warnings. |
| | | 119m 3s | |

| Reason | Tests |
|--------|-------|
| Failed junit tests | tez.test.TestAMRecovery |
| | tez.test.TestRecovery |
| | tez.test.TestDAGRecovery |
| | tez.test.TestAMRecovery |
| | tez.test.TestRecovery |
| | tez.test.TestDAGRecovery |

| Subsystem | Report/Notes |
|-----------|--------------|
| Docker | ClientAPI=1.45 ServerAPI=1.45 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-351/1/artifact/out/Dockerfile |
| GITHUB PR | #351 |
| Optional Tests | dupname asflicense javac javadoc unit xml compile |
| uname | Linux f3b56d90114b 5.15.0-94-generic #104-Ubuntu SMP Tue Jan 9 15:25:40 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | personality/tez.sh |
| git revision | master / 906059a |
| Default Java | Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| Multi-JDK versions | /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.22+7-post-Ubuntu-0ubuntu222.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_402-8u402-ga-2ubuntu1~22.04-b06 |
| unit | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-351/1/artifact/out/patch-unit-tez-tests.txt |
| unit | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-351/1/artifact/out/patch-unit-root.txt |
| Test Results | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-351/1/testReport/ |
| Max. process+thread count | 1527 (vs. ulimit of 5500) |
| modules | C: tez-api tez-tests . U: . |
| Console output | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-351/1/console |
| versions | git=2.34.1 maven=3.6.3 |
| Powered by | Apache Yetus 0.12.0 https://yetus.apache.org |

This message was automatically generated.

@abstractdog
Contributor

failing unit tests are because of TEZ-4559, this looks good to me

@abstractdog abstractdog self-requested a review May 6, 2024 07:49
@abstractdog abstractdog merged commit 071d447 into apache:master May 6, 2024
4 checks passed