diff options
author | Thomas Wolf <twolf@apache.org> | 2024-01-12 21:23:47 +0100 |
---|---|---|
committer | Matthias Sohn <matthias.sohn@sap.com> | 2024-01-20 01:16:19 +0100 |
commit | 18d0924a432f4654c7b4b2560d0acfedf6cea97c (patch) | |
tree | 2a93bbc3660dc36e3c1f16404164edd0e1bfce05 /WORKSPACE | |
parent | c4af3691225b5e43ec8059edeeddc6d913e948f6 (diff) | |
download | jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.tar.gz jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.zip |
[ssh] Bump Apache MINA sshd 2.11.0 -> 2.12.0
This includes the upstream fix for CVE-2023-48795[1] ("strict KEX"
protocol extension mitigating the "Terrapin attack"[2]) in JGit.
[1] https://nvd.nist.gov/vuln/detail/CVE-2023-48795
[2] https://www.terrapin-attack.com/
Bug: jgit-16
Change-Id: Ie9aa5b903ea6795bd1511afea0bebdb537b56148
Signed-off-by: Thomas Wolf <twolf@apache.org>
Diffstat (limited to 'WORKSPACE')
-rw-r--r-- | WORKSPACE | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -90,18 +90,18 @@ maven_jar( sha1 = "51cf043c87253c9f58b539c9f7e44c8894223850", ) -SSHD_VERS = "2.11.0" +SSHD_VERS = "2.12.0" maven_jar( name = "sshd-osgi", artifact = "org.apache.sshd:sshd-osgi:" + SSHD_VERS, - sha1 = "7ec6b14ab789fc4b1ce9fdcd0e13d22b5c940e7b", + sha1 = "32b8de1cbb722ba75bdf9898e0c41d42af00ce57", ) maven_jar( name = "sshd-sftp", artifact = "org.apache.sshd:sshd-sftp:" + SSHD_VERS, - sha1 = "3a293bba303c486a9ff6be8e11c9c68fd56b63c7", + sha1 = "0f96f00a07b186ea62838a6a4122e8f4cad44df6", ) JNA_VERS = "5.14.0" |