-
Bug
-
Resolution: Fixed
-
Major
-
None
-
-
2.390 2.387.1
We are getting the following vulnerability report from newly built Jenkins servers using the latest weekly build (2.389) :
CVE-2022-45047 MINA SSHD
We think its related to the following:
/usr/share/java/jenkins.war/WEB-INF/detached-plugins/mina-sshd-api-common.hpi/WEB-INF/lib/sshd-common-2.9.1.jar
{}The vulnerability is fixed in version 2.9.2
Can someone update this plugin within the next weekly build ? as this is blocking us from deploying Jenkins in our environment.
- is related to
-
JENKINS-70571 Update bundled Apache Mina-sshd plugins from 2.9.1 to 2.9.2
-
- Closed
-
- links to
[JENKINS-70554] CVE-2022-45047 MINA SSHD - Please update Mina SSHD API :: Common
Assignee | Original: Jesse Glick [ jglick ] | |
Resolution | New: Fixed [ 1 ] | |
Status | Original: Open [ 1 ] | New: Closed [ 6 ] |
Released As | New: 2.379 |
Resolution | Original: Fixed [ 1 ] | |
Status | Original: Closed [ 6 ] | New: Reopened [ 4 ] |
Status | Original: Reopened [ 4 ] | New: Open [ 1 ] |
Remote Link | New: This issue links to "Core PR 7623 - Update bundled Apache Mina SSHD plugins to 2.9.2 (Web Link)" [ 28459 ] |
Assignee | New: Mark Waite [ markewaite ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Released As | Original: 2.379 |
Labels | New: lts-candidate |