[ALSA-2022:1861] Moderate: maven:3.5 security update
Type:
security
Severity:
moderate
Release date:
2022-05-10
Description:
Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fix(es): * apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages:
  • google-guice-4.1-11.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-transport-wagon-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • apache-commons-logging-1.2-13.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-wagon-file-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • httpcomponents-client-4.5.5-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-spi-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-cipher-1.7-14.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-connector-basic-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-shared-utils-3.2.1-0.1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-wagon-provider-api-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • aopalliance-1.0-17.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jansi-1.17.1-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-wagon-http-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • glassfish-el-api-3.0.1-0.7.b08.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • apache-commons-io-2.6-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jcl-over-slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-impl-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-containers-component-annotations-1.7.1-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • guava20-20.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • apache-commons-codec-1.11-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • sisu-inject-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-interpolation-1.22-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jsoup-1.11.3-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • atinject-1-28.20100611svn86.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-classworlds-2.5.2-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-utils-3.1.0-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • apache-commons-lang3-3.7-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • plexus-sec-dispatcher-1.4-26.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-api-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • sisu-plexus-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • cdi-api-1.2-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jboss-interceptors-1.2-api-1.0.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • apache-commons-cli-1.4-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • httpcomponents-core-4.4.10-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • geronimo-annotation-1.0-23.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-lib-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • maven-resolver-util-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.x86_64.rpm
  • maven-wagon-http-shared-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • hawtjni-runtime-1.16-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
  • jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.aarch64.rpm
  • jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.ppc64le.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.