This is an automated email from the ASF dual-hosted git repository.
twolf pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
The following commit(s) were added to refs/heads/master by this push:
new 03238d515 Mention CVE-2022-45047 fixed
03238d515 is described below
commit 03238d51586f6b3c0bdbb1a23cf16799344d6c32
Author: Thomas Wolf <[email protected]>
AuthorDate: Tue Nov 15 23:43:04 2022 +0100
Mention CVE-2022-45047 fixed
---
docs/changes/2.9.2.md | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/docs/changes/2.9.2.md b/docs/changes/2.9.2.md
index 5f2d15224..a23163188 100644
--- a/docs/changes/2.9.2.md
+++ b/docs/changes/2.9.2.md
@@ -2,6 +2,9 @@
## Bug fixes
+*
[CVE-2022-45047](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45047)
Unsafe deserialization in
`org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider`
+
+
* [SSHD-1173](https://issues.apache.org/jira/browse/SSHD-1173) Not fully using
up a channel window may lead to hangs (see [Channel windows](#channelwindows0)
below)
* [SSHD-1287](https://issues.apache.org/jira/browse/SSHD-1287) SFTP: reading
with buffers larger than 126kB leads to data corruption
* [SSHD-1293](https://issues.apache.org/jira/browse/SSHD-1293)
ExplicitPortForwardingTracker does not unbind auto-allocated port
@@ -11,6 +14,7 @@
* [SSHD-1303](https://issues.apache.org/jira/browse/SSHD-1303) Reading from
redirected Channel.getInvertedErr() delivers stdout; should be at EOF
* [SSHD-1307](https://issues.apache.org/jira/browse/SSHD-1307) [NIO2] TCP/IP
port forwarding: shut down output stream only after pending writes have been
written
+
* [GH-263](https://github.com/apache/mina-sshd/issues/263) Race condition in
BufferedIoOutputStream
* [GH-266](https://github.com/apache/mina-sshd/issues/266)
ChannelPipedOutputStream.flush() must be a no-op
