Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: 1.15.24.Final, 2.2.7.Final
Component/s: None
Labels:
None

Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/2250, https://github.com/wildfly-security/wildfly-elytron/pull/2251

SSHD 2.9.3+ addresses CVE-2023-35887. We upgraded to this SSHD component version in EAP 7.4.14+ and SSHD 2.12.0 in EAP 8.0.1, but neglected at the time to also update Elytron's SSHD dependency, which is still at SSHD 2.9.2 for Elytron 1.15.x and 2.2.x.

is cloned by

JBEAP-28989 [GSS](7.4.z) ELY-2874 - Upgrade Elytron 1.15.x's SSHD dependency to 2.12.1

Pull Request Sent

JBEAP-28990 [GSS](8.0.z) ELY-2874 - Upgrade Elytron 2.2.x's SSHD dependency to 2.12.1

Pull Request Sent

relates to

JBEAP-25627 (7.4.z) Upgrade SSHD from 2.9.2.redhat-00001 to 2.9.3.redhat-00001

Closed

Assignee:: Lukas Vydra

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/01/27 5:42 PM

Updated:: 2025/01/29 7:08 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates