Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Unresolved
Priority: Critical
Fix Version/s: 7.4.22.GA
Affects Version/s: 7.4.20.GA
Component/s: Security
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/2250
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

SSHD 2.9.3+ addresses CVE-2023-35887. We upgraded to this SSHD component version in EAP 7.4.14+ and SSHD 2.12.0 in EAP 8.0.1, but neglected at the time to also update Elytron's SSHD dependency, which is still at SSHD 2.9.2 for Elytron 1.15.x and 2.2.x.

clones

ELY-2874 Upgrade Elytron 1.15.x and 2.2.x's SSHD dependency to 2.12.1

Pull Request Sent

relates to

JBEAP-25627 (7.4.z) Upgrade SSHD from 2.9.2.redhat-00001 to 2.9.3.redhat-00001

Closed

links to

RHSA-2025:144440 Red Hat JBoss Enterprise Application Platform 7.4.22 security update

RHSA-2025:144441 Red Hat JBoss Enterprise Application Platform 7.4.22 security update

RHSA-2025:144442 Red Hat JBoss Enterprise Application Platform 7.4.22 security update

RHSA-2025:144443 Red Hat JBoss Enterprise Application Platform 7.4.22 security update

(1 links to)

Assignee:: Lukas Vydra

Reporter:: Aaron Ogburn

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2025/01/27 5:57 PM

Updated:: 2025/02/19 2:36 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates