Upgrade org.bouncycastle:bcprov-jdk18on to 1.78.

maven/org.springframework.cloud/spring-cloud-starter-config@4.1.1 triggers numerous CVE warnings when using the dependency-check-maven plugin, due to the bcprov-jdk18on transitive dependency:

  • CVE-2024-30171
  • CVE-2024-30172
  • CVE-2024-29857

Workaround:

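<dependencyManagement>
    <dependencies>
        …
        <!-- Pin the transitive Bouncy Castle provider to the patched release -->
        <dependency>
            <groupId>org.bouncycastle</groupId>
            <artifactId>bcprov-jdk18on</artifactId>
            <version>1.78</version>
        </dependency>
    </dependencies>
</dependencyManagement>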

This dependency is pulled in via spring-security-rsa 1.1.1 (not upgraded yet) and spring-cloud-starter.
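
To keep the pin from silently regressing, the build can be made to fail whenever any bcprov-jdk18on older than the 1.78 named in the issue title is resolved, directly or transitively. This is an added example, not part of the original issue or the Spring Cloud build; the maven-enforcer-plugin version and the execution id are assumptions.

```xml
<!-- Added example: goes under <build><plugins> in the consuming project's pom.xml -->
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-enforcer-plugin</artifactId>
    <!-- Assumed version; use whatever your build already standardises on -->
    <version>3.4.1</version>
    <executions>
        <execution>
            <!-- Hypothetical execution id -->
            <id>ban-old-bcprov</id>
            <goals>
                <goal>enforce</goal>
            </goals>
            <configuration>
                <rules>
                    <bannedDependencies>
                        <!-- Also inspect transitive dependencies such as the one
                             arriving through spring-security-rsa -->
                        <searchTransitive>true</searchTransitive>
                        <excludes>
                            <!-- Version range (,1.78) matches every release below 1.78 -->
                            <exclude>org.bouncycastle:bcprov-jdk18on:(,1.78)</exclude>
                        </excludes>
                        <message>bcprov-jdk18on below 1.78 is flagged for CVE-2024-30171, CVE-2024-30172 and CVE-2024-29857; pin 1.78 in dependencyManagement.</message>
                    </bannedDependencies>
                </rules>
                <!-- Break the build instead of only logging a warning -->
                <fail>true</fail>
            </configuration>
        </execution>
    </executions>
</plugin>
```

Running `mvn dependency:tree -Dincludes=org.bouncycastle:bcprov-jdk18on` shows which version is actually resolved and through which parent it arrives.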

Comment From: ryanjbaxter

Closing in favor of https://github.com/dsyer/spring-security-rsa/issues/33 since that is where the change needs to be made.