Could we have a new Apache MINA SSHD 2.12.0 release, please?
There've been a few minor improvements, but the main reason for a new release is that we've implemented the "strict key exchange" mitigation against the Terrapin attack (CVE-2023-48795, which is a CVE against the SSH protocol itself.) Downstream users need a new release to get this strict key exchange protocol extension. Cheers, Thomas --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org