[ https://issues.apache.org/jira/browse/NIFI-12258?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pierre Villard updated NIFI-12258: ---------------------------------- Resolution: Fixed Status: Resolved (was: Patch Available) > Upgrade SSHD to 2.11.0 > ---------------------- > > Key: NIFI-12258 > URL: https://issues.apache.org/jira/browse/NIFI-12258 > Project: Apache NiFi > Issue Type: Improvement > Components: NiFi Registry > Reporter: David Handermann > Assignee: David Handermann > Priority: Major > Labels: dependency-upgrade > Fix For: 2.0.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Apache MINA SSHD dependencies should be upgraded to 2.11.0 on the main branch > to mitgate CVE-2023-35887. The vulnerability applies to SFTP server > implementations and is not directly applicable to transitive usage in NiFi > Registry, but upgrading mitigates version-based vulnerability findings. -- This message was sent by Atlassian Jira (v8.20.10#820010)