CVE-2023-33201 in dependency bcprov-jdk15on (bouncycastle provider)

[bluen]

The vulnerability https://github.com/bcgit/bc-java/wiki/CVE-2023-33201 is (supposed to be) fixed in bouncycastle 1.74.

Fixing this in minio-java probably just means upgrading the gradle dependency from "org.bouncycastle:bcprov-jdk15on:1.70"
to "org.bouncycastle:bcprov-jdk18on:1.74", or if minio-java is supposed to support Java 5/6/7 to "org.bouncycastle:bcprov-jdk15to18:1.74"

From https://www.bouncycastle.org/latest_releases.html#LATEST

Java Version Details With the arrival of Java 15. jdk15 is not quite as unambiguous as it was. The jdk18on jars are compiled to work with anything from Java 1.8 up. They are also multi-release jars so do support some features that were introduced in Java 9, Java 11, and Java 15. If you have issues with multi-release jars see the jdk15to18 release jars below.