0.38.0 has high bouncycastle security vulnerability

[BernhardLenz]

According to mvnrepository, sshj version 0.38.0 uses org.bouncycastle:bcprov-jdk18on:jar:1.75.

However bouncycastle has a high security vulnerability: https://security.snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-6612984

Can you please release 0.39.0 with bounceycastle 1.78.1?

[exceptionfactory]

I submitted pull request #945 to upgrade Bouncy Castle to 1.78.1. For projects depending on SSHJ, it is possible to override the transitive dependency version of bcprov-jdk18on.

[hierynomus]

0.39.0 is released. I'll close this one.