devaspatikrishnatri opened a new pull request, #1285: URL: https://github.com/apache/knox/pull/1285
(It is very **important** that you created an Apache Knox JIRA for this change and that the PR title/commit message includes the Apache Knox JIRA ID!) [KNOX-3366](https://issues.apache.org/jira/browse/KNOX-3366) - Upgrade mina-core to 2.2.8 ## What changes were proposed in this pull request? Upgrade mina-core to 2.2.8 to target CVEs. CVE-2026-47065: Critical Deserialization Allow-list Bypass via resolveProxyClass - ZDRES-232 CVE-2026-47321: Unbounded Decompression Amplification DoS in Apache Mina Zlib.inflate - ZDRES-231 https://mina.apache.org/mina-project/news ## How was this patch tested? Built Locally , relying on precommits. ## Integration Tests No additional tests added , as this is a minor change. Please review [Knox Contributing Process](https://cwiki.apache.org/confluence/display/KNOX/Contribution+Process#ContributionProcess-GithubWorkflow) before opening a pull request. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
