[ssh] Bump Apache MINA sshd 2.11.0 -> 2.12.0

This includes the upstream fix for CVE-2023-48795[1] ("strict KEX" protocol extension mitigating the "Terrapin attack"[2]) in JGit. [1] https://nvd.nist.gov/vuln/detail/CVE-2023-48795 [2] https://www.terrapin-attack.com/ Bug: jgit-16 Change-Id: Ie9aa5b903ea6795bd1511afea0bebdb537b56148 Signed-off-by: Thomas Wolf <twolf@apache.org>
author: Thomas Wolf <twolf@apache.org> 2024-01-12 21:23:47 +0100
committer: Matthias Sohn <matthias.sohn@sap.com> 2024-01-20 01:16:19 +0100
commit: 18d0924a432f4654c7b4b2560d0acfedf6cea97c (patch)
tree: 2a93bbc3660dc36e3c1f16404164edd0e1bfce05 /org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven
parent: c4af3691225b5e43ec8059edeeddc6d913e948f6 (diff)
download: jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.tar.gz
jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven/dependencies.tpd b/org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven/dependencies.tpd
index a44c867be7..abd8e24d30 100644
--- a/org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven/dependencies.tpd
+++ b/org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven/dependencies.tpd
@@ -223,12 +223,12 @@ maven sshd
 	dependency {
 		groupId = "org.apache.sshd"
 		artifactId = "sshd-osgi"
-		version = "2.11.0"
+		version = "2.12.0"
 	}
 	dependency {
 		groupId = "org.apache.sshd"
 		artifactId = "sshd-sftp"
-		version = "2.11.0"
+		version = "2.12.0"
 	}
 }
author	Thomas Wolf <twolf@apache.org>	2024-01-12 21:23:47 +0100
committer	Matthias Sohn <matthias.sohn@sap.com>	2024-01-20 01:16:19 +0100
commit	18d0924a432f4654c7b4b2560d0acfedf6cea97c (patch)
tree	2a93bbc3660dc36e3c1f16404164edd0e1bfce05 /org.eclipse.jgit.packaging/org.eclipse.jgit.target/maven
parent	c4af3691225b5e43ec8059edeeddc6d913e948f6 (diff)
download	jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.tar.gz jgit-18d0924a432f4654c7b4b2560d0acfedf6cea97c.zip