[NIFI-12257] Upgrade SSHD to 2.9.3 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.24.0
Component/s: NiFi Registry
Labels:
None

Description

Apache MINA SSHD dependencies should be upgraded to 2.9.3 on the support branch to mitgate CVE-2023-35887. The vulnerability applies to SFTP server implementations and is not directly applicable to transitive usage in NiFi Registry, but upgrading mitigates version-based vulnerability findings.

Attachments

Issue Links

links to

GitHub Pull Request #7914

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/Oct/23 13:37

Updated:: 20/Oct/23 15:35

Resolved:: 20/Oct/23 15:35

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h