Skip to content
Unverified Commit 31974d3c authored by Mark Waite's avatar Mark Waite Committed by GitHub
Browse files

Update bundled Apache Mina-sshd plugins (#7623) 

Embed Apache mina sshd plugins 2.9.2 (common and core)

Update `sshd-common` plugin and `sshd-core` plugin from
2.9.1-44.v476733c11f82 to 2.9.2-50.va_0e1f42659a_a

Changelog

https://github.com/apache/mina-sshd/blob/master/docs/changes/2.9.2.md
links to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45047
Unsafe deserialization in SimpleGeneratorHostKeyProvider

Jenkins core does not reference the SimpleGeneratorHostKeyProvider class.

It is referenced from sshd plugin at
https://github.com/jenkinsci/sshd-plugin/blob/251d59011530b4d3a4db4a3e6ee8f076c61c3bfe/src/main/java/org/jenkinsci/main/modules/sshd/SSHD.java#L162

Users can upgrade the plugin themselves during installation but it is
easier if we bundle the updated plugin version with new releases rather
than requiring that the user perform the update.
parent 27358385
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment