[GHSA-6w3v-66mj-2qm6] Moderate severity vulnerability that affects org.apache.qpid:apache-qpid-broker-j

[MarkLee131]

Updates

• References

Comments Add a patch https://github.com/apache/qpid-broker-j/commit/30ca170c42c400b41340a81c6a69d33aa19bf189, of which the commit message claims QPID-8046: [Broker-J] Add more tests Cherry picked from ca088c2

Add a patch https://github.com/apache/qpid-broker-j/commit/4b9fb37abbe882193b16595ed7b8e9d8383f59e1, of which the commit message claims QPID-8046: [Broker-J] [PlainNegotiator] Eliminate redundant UTF-8/UnsupportedEncodingException catch block Cherry picked from fcca9d2

Add a patch https://github.com/apache/qpid-broker-j/commit/de509dd955229a395c086a7cca874dc55306648a, of which the commit message claims QPID-8046: [Broker-J] Allow SASL mechanisms PLAIN and XOAUTH2 to not require initial response Cherry picked from 4eb2ea6

[darakian]

Hey @MarkLee131, can you please elaborate on which of these is an actual fix? The first one seems like it is clearly not as it only adds tests.

[taladrane]

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.

[taladrane]

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.