[JENKINS-75077] Update mina-sshd-api.version to v2.14.0-138.v6341ee58…

…e1df

#10096 is the pull request to
the master branch that has been merged for inclusion in the 7 Jan 2025
release of Jenkins 2.492.

The Apache MINA core library has reported CVE-2024-52046
GHSA-76h9-2vwh-w278 , an issue for MINA
users that use `ioBuffer.getObject()`. Jenkins is not affected by
the issue, but software composition analysis tools will report it as
a vulnerability and we'll spend time explaining that Jenkins is not
vulnerable.

Let's backport the change to the stable-2.479 line so that it can be
part of Jenkins 2.479.3

This is an exception to the policy that we only backport to an LTS after
a change has been merged to the Jenkins weekly release. I think this
exception should be approved so that we reduce the amount of time that the
Jenkins security team must spend explaining that Jenkins is not vulnerable
to this issue. It is simpler to include the updated library plugin than
to spend time explaining why this is not an issue.

(cherry picked from commit efae3ca)

war/pom.xml

@@ -46,7 +46,7 @@ THE SOFTWARE.
     <host>localhost</host>
     <!-- HTTP listener port -->
     <port>8080</port>
-    <mina-sshd-api.version>2.13.2-125.v200281b_61d59</mina-sshd-api.version>
+    <mina-sshd-api.version>2.14.0-138.v6341ee58e1df</mina-sshd-api.version>
     <!-- Minimum Remoting version, which is tested for API compatibility, duplicated so that renovate only updates the latest remoting version property -->
     <remoting.minimum.supported.version>3107.v665000b_51092</remoting.minimum.supported.version>