Update bouncycastle library to v1.80 in Microsoft File Connector and Microsoft CRM Connector (MINDBREEZE32061)

ID: MINDBREEZE32061 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: Medium 
Status: Final 
First published: April 28, 2025 
CVEs: CVE-2024-30171, CVE-2024-29857 

Summary 

- CVE-2024-30171: org.bouncycastle timing difference RSA key exchange handshakes
- CVE-2024-29857: org.bouncycastle Allocation of Resources Without Limits in certificate verification 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.2 Release
• Mindbreeze InSpire Saas 25.2 Release