[ALSA-2022:4797] Important: maven:3.6 security update
Type:
security
Severity:
important
Release date:
2022-05-30
Description:
The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages:
  • maven-resolver-1.4.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • jcl-over-slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-containers-component-annotations-2.1.0-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-shared-utils-3.2.1-0.5.module_el8.6.0+2903+d6ca2362.noarch.rpm
  • slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • apache-commons-codec-1.13-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • atinject-1-31.20100611svn86.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-interpolation-1.26-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-openjdk11-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-lib-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • sisu-0.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-classworlds-2.6.0-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-openjdk8-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • apache-commons-cli-1.4-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • jsoup-1.12.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-utils-3.3.0-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • jansi-1.18-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-wagon-3.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-sec-dispatcher-1.4-29.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • httpcomponents-core-4.4.12-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • guava-28.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • cdi-api-2.0.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • maven-openjdk17-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • apache-commons-lang3-3.9-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • httpcomponents-client-4.5.10-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • apache-commons-io-2.6-6.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • google-guice-4.2.2-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • geronimo-annotation-1.0-26.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • plexus-cipher-1.7-17.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • jsr-305-0-0.25.20130910svn.module_el8.6.0+2786+d7c38b21.noarch.rpm
  • aopalliance-1.0-20.module_el8.6.0+2786+d7c38b21.noarch.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.