From 176a562aa2af14d816f504eaa2cc554f6394cb11 Mon Sep 17 00:00:00 2001
From: godaridillibabu
Date: Tue, 10 Dec 2024 13:02:05 +0530
Subject: [PATCH] Upgrade jsch from 0.1.52 to 0.1.55 to fix CVE-2016-5725
Upgrading the jsch library from version 0.1.52 to 0.1.55 addresses CVE-2016-5725, which is a directory traversal vulnerability in JCraft JSch before version 0.1.54. This vulnerability allowed remote SFTP servers to write to arbitrary files on Windows when using ChannelSftp.OVERWRITE mode, via a ..\ (dot dot backslash) in a recursive GET command.
---
 .github/workflows/gradle.yml | 29 +++++++++++++++++++++++++++++
 build.gradle | 2 +-
 gradle.properties.example | 2 +-
 3 files changed, 31 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/gradle.yml
diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
new file mode 100644
index 00000000..23018f77
--- /dev/null
+++ b/.github/workflows/gradle.yml
@@ -0,0 +1,29 @@
+name: Java CI with Gradle
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ branches: [ "master" ]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: true
+ matrix:
+ java-version:
+ - 8
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ show-progress: false
+ fetch-depth: 0
+ - name: Set up JDK
+ uses: actions/setup-java@v4
+ with:
+ java-version: ${{ matrix.java-version }}
+ distribution: 'temurin'
+ cache: gradle
+ - name: Gradle Build
+ run: ./gradlew build
\ No newline at end of file
diff --git a/build.gradle b/build.gradle
index d08a9a5e..75c23571 100644
--- a/build.gradle
+++ b/build.gradle
@@ -49,7 +49,7 @@ ext.versions = [
 presto : '0.181',
 reflections : '0.9.9',
 bytebuddy : '0.7-rc2',
- jsch : '0.1.52',
+ jsch : '0.1.55',
 mina_sshd : '0.14.0',
 freemarker : '2.3.22',
 objenesis : '1.4',
diff --git a/gradle.properties.example b/gradle.properties.example
index aef97c39..14744819 100644
--- a/gradle.properties.example
+++ b/gradle.properties.example
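Review bot: The new workflow declares no `permissions:` block, so the `build` job runs with whatever default GITHUB_TOKEN scope the repository is configured with, which may be read-write, while a build-only job needs no write access at all. Add a top-level `permissions:` with `  contents: read` directly after the `on:` block so the token is read-only regardless of the repository setting. Both `uses:` references (`actions/checkout@v4`, `actions/setup-java@v4`) are mutable tags; pinning each to a full commit SHA with the tag kept in a trailing comment protects the build from a re-pointed or compromised tag, and the `./gradlew build` step trusts the wrapper jar checked into the repository without any integrity check, which is worth a comment or a validation step if the project has one. `fetch-depth: 0` fetches the full history on every run, which only pays off if the build derives a version from git, so either comment the reason on that line or drop it. The commit message covers only the jsch bump; a sentence saying why the CI workflow is added in the same change would help future readers.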
@@ -1,4 +1,4 @@
-#skipSigning=false
+skipSigning=false
 #signing.keyId=KEYID
 #signing.password=KEY_PASSWORD
 #signing.secretKeyRingFile=KEY_PATH
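Review bot: Uncommenting `skipSigning=false` is unrelated to the jsch upgrade in the subject and the commit message does not explain it, so the intent of the new default is not recoverable from the diff. A user who copies this example now gets signing enabled while `signing.keyId`, `signing.password` and `signing.secretKeyRingFile` remain commented out, so a build that honours this flag will presumably fail for lack of credentials until those are filled in (how `skipSigning` is consumed is outside this diff). Either keep the line commented as before, or add a comment above it such as `# skipSigning=true for local builds without a signing key; release builds must sign`, and say in the commit message why the example's default changed.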