Skip to content

Commit 0211074

Browse files
jztxuwei-k
jzt
authored and
xuwei-k
committed
Bump SSHJ to 0.26.0 (sirthias#45)
SSHJ 0.23.0 depends on bouncycastle 1.56, which is subject to the following vulnerabilities: https://nvd.nist.gov/vuln/detail/CVE-2018-1000180 https://nvd.nist.gov/vuln/detail/CVE-2018-1000613 https://nvd.nist.gov/vuln/detail/CVE-2018-1000180 Bumping to 0.26.0 would fix these transitive issues.
1 parent 96fdcb1 commit 0211074

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

build.sbt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ scalafmtOnCompile := true
7070
scalafmtVersion := "1.4.0"
7171

7272
libraryDependencies ++= Seq(
73-
"com.hierynomus" % "sshj" % "0.23.0",
73+
"com.hierynomus" % "sshj" % "0.26.0",
7474
"org.slf4j" % "slf4j-api" % "1.7.25",
7575
"com.jcraft" % "jsch.agentproxy.sshj" % "0.0.9" % "provided",
7676
"com.jcraft" % "jsch.agentproxy.connector-factory" % "0.0.9" % "provided",

0 commit comments

Comments
 (0)