[mina-sshd] branch master updated: Mention CVE-2022-45047 fixed

[tw...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

twolf pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mina-sshd.git


The following commit(s) were added to refs/heads/master by this push:
     new 03238d515 Mention CVE-2022-45047 fixed
03238d515 is described below

commit 03238d51586f6b3c0bdbb1a23cf16799344d6c32
Author: Thomas Wolf <tw...@apache.org>
AuthorDate: Tue Nov 15 23:43:04 2022 +0100

    Mention CVE-2022-45047 fixed
---
 docs/changes/2.9.2.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/changes/2.9.2.md b/docs/changes/2.9.2.md
index 5f2d15224..a23163188 100644
--- a/docs/changes/2.9.2.md
+++ b/docs/changes/2.9.2.md
@@ -2,6 +2,9 @@
 
 ## Bug fixes
 
+* [CVE-2022-45047](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45047) Unsafe deserialization in `org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider`
+
+
 * [SSHD-1173](https://issues.apache.org/jira/browse/SSHD-1173) Not fully using up a channel window may lead to hangs (see [Channel windows](#channelwindows0) below)
 * [SSHD-1287](https://issues.apache.org/jira/browse/SSHD-1287) SFTP: reading with buffers larger than 126kB leads to data corruption
 * [SSHD-1293](https://issues.apache.org/jira/browse/SSHD-1293) ExplicitPortForwardingTracker does not unbind auto-allocated port
@@ -11,6 +14,7 @@
 * [SSHD-1303](https://issues.apache.org/jira/browse/SSHD-1303) Reading from redirected Channel.getInvertedErr() delivers stdout; should be at EOF
 * [SSHD-1307](https://issues.apache.org/jira/browse/SSHD-1307) [NIO2] TCP/IP port forwarding: shut down output stream only after pending writes have been written
 
+
 * [GH-263](https://github.com/apache/mina-sshd/issues/263)  Race condition in BufferedIoOutputStream
 * [GH-266](https://github.com/apache/mina-sshd/issues/266)  ChannelPipedOutputStream.flush() must be a no-op