[ALSA-2022:4797] Important: maven:3.6 security update
Type:
security
Severity:
important
Release date:
2022-05-30
Description:
The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
noarch maven-resolver-1.4.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 11e20f2f33cc615a3721af98927262b02921107ed741404aaa6ff675be75a58d
noarch jcl-over-slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 14e95621ecf2f3052af1cb40a816bd5bee233835f4f0ba683123877a5358bbf0
noarch plexus-containers-component-annotations-2.1.0-2.module_el8.6.0+2786+d7c38b21.noarch.rpm 16d171518a4d0af2a244f270e3e9ff381832e1610dab1b1a82aa43b0ec941757
noarch maven-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm 18bc3406cf25bc4ad7f74fa86caa72d2cb636dfccf82782e005550324950e337
noarch maven-shared-utils-3.2.1-0.5.module_el8.6.0+2903+d6ca2362.noarch.rpm 1f214a8732fb68d87074f1bf0121e06a3dbf64cc45cc3238be9999bddd365ccc
noarch slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 26f2b97d7cfe7070ac9fa04b54c50f049f28dead79a78ad2b7051d04e516ff0b
noarch apache-commons-codec-1.13-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 2e04c18e736ab4985a196f051c4a468c4a0ede815abd9c174d2b7783ab172189
noarch atinject-1-31.20100611svn86.module_el8.6.0+2786+d7c38b21.noarch.rpm 3359d8279ddb9bb821c8dc124aeaec8fdcdca96db0bc086a933b137c0f0e69c6
noarch plexus-interpolation-1.26-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 37a59c346e18aaefce7adc0e16c3a5d07c6f1dffd0b81a31a68d3eddc9deab2c
noarch maven-openjdk11-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm 380bf2741b0aaff7a7dbeaf29d65ef077f0d2deba042e0b4a7e9730c412e5868
noarch maven-lib-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm 3c93ac35b909eea7740388b3128f3ec7b14245aed8ba83060378cad785e407a3
noarch sisu-0.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm 3ca22c11b20e27a813e6c8d21b31c72f6a999dc8c10f633a9abc0d7c145a1b66
noarch plexus-classworlds-2.6.0-4.module_el8.6.0+2786+d7c38b21.noarch.rpm 4045b7011337370ab890b8851412450c8179ef756988f2883f305dc2326c1a81
noarch maven-openjdk8-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm 468fffd0b3c47460733c168f71e3e9db82f4b50e8d58eafe85414977c47dccac
noarch apache-commons-cli-1.4-7.module_el8.6.0+2786+d7c38b21.noarch.rpm 4e49618e7c555ddb9e9e591e46b4561411bb7f1e20eafb9f42d17c4b76884c2c
noarch jsoup-1.12.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 5065de963e07b5d5251716ac7f94fdfd76da10c08da45e12e6c7a449f42535e9
noarch plexus-utils-3.3.0-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 599da53e25e54158674d466284ca9a66d34684cf6ce8574930556f85d83bb411
noarch jansi-1.18-4.module_el8.6.0+2786+d7c38b21.noarch.rpm 5ec52123629d9fb21fdb3d265233008d07f78ea691095b67fac8d4c706a693f0
noarch maven-wagon-3.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm 5f775ce4ba807e57930a0479f06b617543156e117681785fd0565c429026b7ad
noarch plexus-sec-dispatcher-1.4-29.module_el8.6.0+2786+d7c38b21.noarch.rpm 86c062c3e54fb798fb76aeea0dfcdd765aa4fac5f3253b449a480cbe8cfc3b24
noarch httpcomponents-core-4.4.12-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 9339d1eaf943d28866387ad5eeec25309b04459fac926f29bedb3596dd38ef64
noarch guava-28.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm 9c1bdf74cee2afecc05d4db3ca37df3202e34d63b4b86b5d843437341ee89498
noarch cdi-api-2.0.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm a625e5bf58dfe5d5aa82beac1d99b2e28fd8b7b1a1c03e8bed2c7f4462a737c6
noarch maven-openjdk17-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm b35e77c342ca07c254218149ce3edec7596b3ec42010b70167db49f5a5219457
noarch apache-commons-lang3-3.9-4.module_el8.6.0+2786+d7c38b21.noarch.rpm bd93b5f5247fcef9bc666898f256655b5c8d5039f6e2437e832c6f53774738bc
noarch httpcomponents-client-4.5.10-4.module_el8.6.0+2786+d7c38b21.noarch.rpm c3d6533d1bd6373869d1661b6233748a68674c346fe6b0863d2c7b2c940cbea4
noarch apache-commons-io-2.6-6.module_el8.6.0+2786+d7c38b21.noarch.rpm c96a4b563776d6e6d15167aed8252d1dd2f4482c44edc5e5d9dec562605ed8c7
noarch google-guice-4.2.2-4.module_el8.6.0+2786+d7c38b21.noarch.rpm cc7d5a6c3d51fe818fec6af12ab5c3cc03bd17a57afb528af9e44454e66847b4
noarch geronimo-annotation-1.0-26.module_el8.6.0+2786+d7c38b21.noarch.rpm d29232742f61c2c050bde16e6567541bb1a161c714e4e4d861dbc4d31ed450f0
noarch plexus-cipher-1.7-17.module_el8.6.0+2786+d7c38b21.noarch.rpm da8ccbe6d8ec3e070611a7ededdf099ed8a4855d6ed594bef0987f4edb51d087
noarch jsr-305-0-0.25.20130910svn.module_el8.6.0+2786+d7c38b21.noarch.rpm dcd4539389b359127dc3e0c98fa6ee88d65abeee633ad2b16436cea0f48a39b4
noarch aopalliance-1.0-20.module_el8.6.0+2786+d7c38b21.noarch.rpm e880be9f037c4dab64250caa055ec59ccd8cd1019532151612b4352cb135e7be
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.