Bump org.apache.sshd:sshd-scp from 2.15.0 to 2.16.0

[dependabot]

Bumps org.apache.sshd:sshd-scp from 2.15.0 to 2.16.0.

Release notes

Sourced from org.apache.sshd:sshd-scp's releases.

Apache MINA SSHD 2.16.0

What's Changed

• bugfix: fix cert auth failed bug by @​liuziyu1226 in apache/mina-sshd#660
• GH-664: Skip MAC negotiation if an AEAD cipher was negotiated by @​tomaswolf in apache/mina-sshd#666
• GH-663: Fix a race in IoSession creation by @​tomaswolf in apache/mina-sshd#667
• Also test sshd-mina using mina-core 2.2.4 by @​tomaswolf in apache/mina-sshd#681
• ScpShell fixes; SFTP append mode for buggy servers by @​tomaswolf in apache/mina-sshd#696
• fix sources.jar Reproducible Builds issue by @​hboutemy in apache/mina-sshd#695
• GH-700: Fix race in AbstractCloseable.doCloseImmediately() by @​tomaswolf in apache/mina-sshd#702
• GH-705: Make ChannelToPortHandler accessible to user code by @​tomaswolf in apache/mina-sshd#707
• GH-709: Handle keep-alive channel messages sent by an old OpenSSH server by @​tomaswolf in apache/mina-sshd#710
• GH-727: supply default port for proxyJump if no HostConfigEntry by @​tomaswolf in apache/mina-sshd#730
• GH-733: Fix SftpRemotePathChannel.transferTo by @​tomaswolf in apache/mina-sshd#734
• GH-725 Added commandTimeoutMillis in executeRemoteCommand by @​raajeive in apache/mina-sshd#726
• GH-774: Fix WritePendingException by @​tomaswolf in apache/mina-sshd#775
• #771 Avoid NoClassDefFoundError: net/i2p/crypto/eddsa/EdDSAPublicKey by @​rde-infologic in apache/mina-sshd#773
• GH-516 Fix filesystem-id parsing in getFileSystem(URI) by @​ago1024 in apache/mina-sshd#766
• GH-754: Don't close DefaultForwarder on bind error by @​tomaswolf in apache/mina-sshd#776
• Close repository after usage in GitPackCommand by @​kwin in apache/mina-sshd#794
• Trigger ClientChannelEvent.Timeout and ClientSessionEvent.TIMEOUT independently to host's program cycle times by @​fersaru in apache/mina-sshd#790

New Contributors

• @​liuziyu1226 made their first contribution in apache/mina-sshd#660
• @​raajeive made their first contribution in apache/mina-sshd#726
• @​rde-infologic made their first contribution in apache/mina-sshd#773
• @​ago1024 made their first contribution in apache/mina-sshd#766
• @​kwin made their first contribution in apache/mina-sshd#794
• @​fersaru made their first contribution in apache/mina-sshd#790

Full Changelog: apache/mina-sshd@sshd-2.15.0...sshd-2.16.0

Changelog

Sourced from org.apache.sshd:sshd-scp's changelog.

Previous Versions

• Version 2.1.0 to 2.2.0
• Version 2.2.0 to 2.3.0
• Version 2.3.0 to 2.4.0
• Version 2.4.0 to 2.5.0
• Version 2.5.0 to 2.5.1
• Version 2.5.1 to 2.6.0
• Version 2.6.0 to 2.7.0
• Version 2.7.0 to 2.8.0
• Version 2.8.0 to 2.9.0
• Version 2.9.0 to 2.9.1
• Version 2.9.1 to 2.9.2
• Version 2.9.2 to 2.10.0
• Version 2.10.0 to 2.11.0
• Version 2.11.0 to 2.12.0
• Version 2.12.0 to 2.12.1
• Version 2.12.1 to 2.13.0
• Version 2.13.0 to 2.13.1
• Version 2.13.1 to 2.13.2
• Version 2.13.2 to 2.14.0
• Version 2.14.0 to 2.15.0

Latest Released Version

• Version 2.15.0 to 2.16.0

Planned for Next Version

Bug Fixes

• GH-807 Handle "verified" flag for sk-* keys
• GH-809 Fix server-side authentication for FIDO/U2F sk-* keys with flags in authorized_keys
• GH-827 Don't fail on invalid known_hosts lines; log and skip them
• GH-830 EC public keys: let Bouncy Castle generate X.509 encodings with the curve OID as algorithm parameter

New Features

• GH-814 Include a fix for CVE-2020-36843 in optional dependency net.i2p.crypto:eddsa:0.3.0: perform the missing range check in Apache MINA SSHD before delegating to the signature verification in net.i2p.crypto:eddsa:0.3.0. This means that using net.i2p.crypto:eddsa:0.3.0 in Apache MINA SSHD is safe despite that CVE in the dependency.

Potential Compatibility Issues

Major Code Re-factoring

Commits

• 445ef7e [maven-release-plugin] prepare release sshd-2.16.0
• ebbfaf9 [releng] SCM tag for development versions
• 2ec336a Fix javadoc warnings
• 92eb158 Prepare documentation for a 2.16.0 release
• 62e6b5c [releng] Bump version to 2.16.0-SNAPSHOT
• 3fbc0a8 Bump grpc.version from 1.73.0 to 1.74.0 (#792)
• 99246d6 Fix ClientChannelEvent.Timeout and ClientSessionEvent.TIMEOUT (#790)
• 2868de8 Merge pull request #794 from kwin/bugfix/close-repo-in-pack-cmd
• 6358be2 Close repository after usage in GitPackCommand
• 67e2e4c Bump pmd.version from 7.15.0 to 7.16.0 (#788)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #37.