Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WFCORE-6676] CVE-2023-48795 Upgrade Apache Mina SSHD to 2.12.0 #5844

Merged
merged 1 commit into from
Jan 23, 2024
Merged

[WFCORE-6676] CVE-2023-48795 Upgrade Apache Mina SSHD to 2.12.0 #5844

merged 1 commit into from
Jan 23, 2024

Conversation

TomasHofman
Copy link
Contributor

@wildfly-ci
Copy link

Core -> Full Integration Build 13430 outcome was FAILURE using a merge of d74b7b8
Summary: Exit code 1 (Step: Build & test full (Maven)) Build time: 00:02:08

@wildfly-ci
Copy link

Core -> Full Integration Build 13191 outcome was FAILURE using a merge of d74b7b8
Summary: Exit code 1 (Step: Build & test full (Maven)) Build time: 00:02:10

@wildfly-ci
Copy link

Core -> WildFly Preview Integration Build 13254 outcome was FAILURE using a merge of d74b7b8
Summary: Exit code 1 (Step: Build & test full (Maven)) Build time: 00:02:13

@github-actions github-actions bot added the deps-ok Dependencies have been checked, and there are no significant changes label Jan 22, 2024
@TomasHofman
Copy link
Contributor Author

Hello @yersan , is there something wrong with the full integration tests? They fail with following, which I think is not caused by the changes in the commit:

[ERROR] [ERROR] Some problems were encountered while processing the POMs:

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11552&linesState=11552&logView=flowAware)
  [ERROR] Non-resolvable import POM: Could not find artifact org.wildfly.core:wildfly-core-parent:pom:23.0.0.Final-SNAPSHOT in local-mirror (http://nexus.wildfly.int/nexus/repository/public/) @ line 563, column 25

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11553&linesState=11553&logView=flowAware)
   @

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11554&linesState=11554&logView=flowAware)
  [ERROR] The build could not read 1 project -> [Help 1]

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11555&linesState=11555&logView=flowAware)
  [ERROR]

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11556&linesState=11556&logView=flowAware)
  [ERROR]   The project org.wildfly:wildfly-parent:31.0.0.Final-SNAPSHOT (/opt/buildAgent/work/e8e0dd9c7c4ba60/full/pom.xml) has 1 error

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11557&linesState=11557&logView=flowAware)
  [ERROR]     Non-resolvable import POM: Could not find artifact org.wildfly.core:wildfly-core-parent:pom:23.0.0.Final-SNAPSHOT in local-mirror (http://nexus.wildfly.int/nexus/repository/public/) @ line 563, column 25 -> [Help 2]

[12:52:21 ](https://ci.wildfly.org/buildConfiguration/WildFlyCore_PullRequest_GalleonWildFlyCoreFullIntegrationLinuxJdk11/413516?buildTab=log&focusLine=11558&linesState=11558&logView=flowAware)
  [ERROR]

@yersan
Copy link
Collaborator

yersan commented Jan 22, 2024

Hi @TomasHofman , you caught the WildFly Core repo in the middle of a release with the CI Jobs not updated yet. They are already modified, so it is just a matter of kicking them off again. CI is going pretty slow to me now, but I'll kick them later

@TomasHofman
Copy link
Contributor Author

That's great @yersan , thanks for info! :)

@yersan
Copy link
Collaborator

yersan commented Jan 22, 2024

@TomasHofman Done, let's see how they go.

In case you want to know when they are in progress, you can check this Zulip stream where we advertise when we are releasing: https://wildfly.zulipchat.com/#narrow/stream/274477-Pull-requests/topic/WildFly.20Core.20Release

@yersan
Copy link
Collaborator

yersan commented Jan 22, 2024

@TomasHofman we are going to need another PR for 23.x branch

@TomasHofman
Copy link
Contributor Author

@yersan I only need it in main and 21.0.x (for EAP).

@yersan yersan changed the title WFCORE-6676 Upgrade Apache Mina SSHD to 2.12.0 [WFCORE-6676] CVE-2023-48795 Upgrade Apache Mina SSHD to 2.12.0 Jan 22, 2024
@yersan yersan mentioned this pull request Jan 22, 2024
Merged
@yersan
Copy link
Collaborator

yersan commented Jan 22, 2024

@TomasHofman no problem, it is more a matter of getting the CVE resolved for all current releases upstream and unrelated to the product. I've backported it to 23.x

@yersan yersan added the ready-for-merge This PR is ready to be merged and fulfills all requirements label Jan 22, 2024
@yersan yersan merged commit e536a93 into wildfly:main Jan 23, 2024
@yersan
Copy link
Collaborator

yersan commented Jan 23, 2024

Thanks @TomasHofman

@TomasHofman
Copy link
Contributor Author

Thanks @yersan !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yersan yersan yersan approved these changes

Assignees
No one assigned
Labels
deps-ok Dependencies have been checked, and there are no significant changes ready-for-merge This PR is ready to be merged and fulfills all requirements
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TomasHofman @wildfly-ci @yersan