From 3ee9480cf3fc16cd3aae87a70255c09f11dd4e6f Mon Sep 17 00:00:00 2001
From: Dilli-Babu-Godari <godari728@gmail.com>
Date: Thu, 5 Dec 2024 14:08:22 +0530
Subject: [PATCH] Upgrade jsch from 0.1.52 to 0.1.55 to fix CVE-2016-5725

Upgrading the jsch library from version 0.1.52 to 0.1.55 addresses
CVE-2016-5725, which is a directory traversal vulnerability in
JCraft JSch before version 0.1.54. This vulnerability allowed remote
SFTP servers to write to arbitrary files on Windows when using
ChannelSftp.OVERWRITE mode, via a ..\ (dot dot backslash) in a
recursive GET command.
---
 .gitignore   | 2 +-
 build.gradle | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index b721ceb2..1ddc03fa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,6 @@
 # Build files
 .gradle/
-gradle.properties
+!gradle.properties
 build/
 
 # Ignore IntelliJ files
diff --git a/build.gradle b/build.gradle
index d08a9a5e..75c23571 100644
--- a/build.gradle
+++ b/build.gradle
@@ -49,7 +49,7 @@ ext.versions = [
         presto       : '0.181',
         reflections  : '0.9.9',
         bytebuddy    : '0.7-rc2',
-        jsch         : '0.1.52',
+        jsch         : '0.1.55',
         mina_sshd    : '0.14.0',
         freemarker   : '2.3.22',
         objenesis    : '1.4',