The process that we go through in WildFly for a component upgrade like WildFly Elytron is first we would process the component upgrade into WildFly Core by submitting a pull request to the relevant maintenance branch of WildFly Core and allow that to run through CI giving us a set of test results.
WildFly Core would subsequently be tagged and a pull request submitted against WildFly which again would trigger CI runs.
In some cases you may find that you could get away with manually updating the components in your installation by replacing the jars in the module and updating the module.xml files accordingly but in that case you would be skipping any of the testing we would normally go through to process a component upgrade into WildFly. However without the CI runs it will not be clear if the component upgrade could cause further issues as we develop with a known set of components rather than independent updates.