[SET-191] Update JCraft JSch version to 0.1.55 due to 3rd party vulnerability issues (CVE-2016-5725) - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.12.12, 1.13.3
Fix Version/s: 1.12.13, 1.13.4
Labels:
None

CVE-ID:
CVE-2016-5725

Description

Current Situation

Currently JobScheduler uses JCraft JSch version 0.1.53
A vulnerability affects this version, see https://nvd.nist.gov/vuln/detail/CVE-2016-5725
The JobScheduler is not affected by the vulnerability

Desired Behavior

Due to the vulnerability Issue of the JCraft JSch release and the bugfixes provided with the current JSch version the JobScheduler should use the current version 0.1.55.

Attachments

Activity

People

Assignee:: Santiago Aucejo Petzoldt

Reporter:: Santiago Aucejo Petzoldt

Approver:: Kanika Agrawal

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13 March 2020 10:30

Updated:: 29 July 2020 21:31

Resolved:: 13 March 2020 10:56