[ALSA-2022:4798] Important: maven:3.5 security update
Type:
security
Severity:
important
Release date:
2022-05-30
Description:
The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven. Security Fix(es): * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
noarch google-guice-4.1-11.module_el8.6.0+2752+f1f3449e.noarch.rpm 0bd6a76c086980507cf75f2d0f67a03bc23b61384920c5eba719ec815b75911e
noarch maven-resolver-transport-wagon-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm 0f0ab6a8fde924185a1c08ad522c5c2e5b8814899f38161180d8394b20281be7
noarch apache-commons-logging-1.2-13.module_el8.6.0+2752+f1f3449e.noarch.rpm 150b6709872306bb05754a56650a385a9aada3203ff618736c8780a279e0eeef
noarch maven-wagon-file-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm 161346faad18c01052ede59cafe80e02b61884eee33e645187ca3e9d262b3f02
noarch httpcomponents-client-4.5.5-5.module_el8.6.0+2752+f1f3449e.noarch.rpm 1b2f22533d4a0c450c4ffc5a4af0442e28bc7889c435cb294da99a16eec671c2
noarch maven-resolver-spi-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm 20af0134b622db9b867598528580c1a1679715ef8cd6f70796e7a23adadf8d84
noarch plexus-cipher-1.7-14.module_el8.6.0+2752+f1f3449e.noarch.rpm 22859bcdb4bd11308b7f53b4ba5a4ca922dec0ef036cf1d223b9072b95f05a48
noarch slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm 292e8ea233b72dd09de80498503fb693f33e3c296ba8a00d7b43a587e6561dbd
noarch maven-shared-utils-3.2.1-0.2.module_el8.6.0+2902+097a4293.noarch.rpm 36fb08dfef8a03ecf768c87275494a3b624add471a53be7f1a09e26f729940b7
noarch maven-resolver-connector-basic-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm 39c7a3c27b1ade7689fdc53aead07281e3f236a6607b972274c491dc9fab0b36
noarch maven-wagon-provider-api-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm 3fbabafaf9a4894c2ffe7a519d0cb125830d745bda91fd922d5da774c349bba8
noarch aopalliance-1.0-17.module_el8.6.0+2752+f1f3449e.noarch.rpm 3ff269d70bc6e7720034a74bd53b4c5885d1f07951f8d3046f3e53e37789873b
noarch jansi-1.17.1-1.module_el8.6.0+2752+f1f3449e.noarch.rpm 421aae5bdbd3fe075cbedba01735c8684c45b60b873a1b360f83bf22392f5d03
noarch jansi-1.17.1-1.module_el8.0.0+6044+f3cbc35d.noarch.rpm 589967abf16ecdd12217640a0895038befaab43f0fab27c05984e46e231e425c
noarch maven-wagon-http-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm 5fea2d32a719f10068fb23779b80d37cbe363851d5de5e17d5963f2d2a39c8a3
noarch glassfish-el-api-3.0.1-0.7.b08.module_el8.6.0+2752+f1f3449e.noarch.rpm 648608c36d708a4e4174b9c2e584330e5eb06b7490adfd174390f55fe1b33b45
noarch apache-commons-io-2.6-3.module_el8.6.0+2752+f1f3449e.noarch.rpm 673c2bb5b3cf893c0c8f97c1fc8ab2babacada2de81331fcd8837811a0fe450f
noarch jcl-over-slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm 6a1f0e3060c4de5b2986881600fba65d879c8deb4b0f80512e7f15fabe7681f1
noarch maven-resolver-impl-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm 6a41234341f4e7295306bd21c3f9d865ee7a90150dd6e2a632fb3eba3fd7b9e5
noarch plexus-containers-component-annotations-1.7.1-8.module_el8.6.0+2752+f1f3449e.noarch.rpm 6c447ad0838916d8a4d7ca3dc1a8fe67f76f1dd5b2d19f46efe3cb13a0d09480
noarch guava20-20.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm 84a353284489eaf799f8a5974293460e77b26a2f293356b3fe5dfca097737439
noarch apache-commons-codec-1.11-3.module_el8.6.0+2752+f1f3449e.noarch.rpm 875a7c42a74a895ff1f5abfd5aa293771a17e33450b49a6bb5551769f324bd2e
noarch sisu-inject-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm 883fcaed060edc67ec03a38697c1f7387e58014fdc2994d2df111a76b10749aa
noarch plexus-interpolation-1.22-9.module_el8.6.0+2752+f1f3449e.noarch.rpm 8fed3e5cae56f4c4c550f8dde79d74b693068723f83f11adada68a0cf2d3b304
noarch jsoup-1.11.3-3.module_el8.6.0+2752+f1f3449e.noarch.rpm 9053546c8faea39cecde36ef9d26e9aafe955311b567b5ae7d990904204a949e
noarch atinject-1-28.20100611svn86.module_el8.6.0+2752+f1f3449e.noarch.rpm 9620e5d656145752ca139bc274634848ecc2850de91419e9eb707ffbea552df1
noarch plexus-classworlds-2.5.2-9.module_el8.6.0+2752+f1f3449e.noarch.rpm 996ed1f8a760059dae9517f1a9f134ae9598625c3b169be39d534a363bf5b72f
noarch plexus-utils-3.1.0-3.module_el8.6.0+2752+f1f3449e.noarch.rpm a799b0e50484ebd7a62f85d220da7b939b569c57e798b6d3dccacb09509d342d
noarch apache-commons-lang3-3.7-3.module_el8.6.0+2752+f1f3449e.noarch.rpm abf09404be71416dfb4bd3e2a49fc58d78c6c7395aa960e2cc887e3a9f9d7feb
noarch plexus-sec-dispatcher-1.4-26.module_el8.6.0+2752+f1f3449e.noarch.rpm afe45e749e550b9a22f72fb904686dc20ed1b92db8a39f44d782f945ada49340
noarch maven-resolver-api-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm b62f2dc2fe89a2c2683607025aba0064210170e504a864664efc37f4b21ae8d9
noarch maven-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm c0a06d0e95308dff65f4f8db87f7f8aca0042d2db7b93195f7c8082a06e01a24
noarch slf4j-1.7.25-4.module_el8.5.0+2577+9e95fe00.noarch.rpm c109b72a68915ed0cf53730c115d81ce088f19ac2582206dff3642c5076b3f17
noarch sisu-plexus-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm c182ae1d8d8a5a4d31f040d5cace62a11dae1e4d8ed2917ca0919a6b789739da
noarch cdi-api-1.2-8.module_el8.6.0+2752+f1f3449e.noarch.rpm c30a679d740e9dd1a089e62c1cf674c696d53b7cd43373797fe028e6ac5eac2f
noarch jboss-interceptors-1.2-api-1.0.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm c98c83bf2dec37ac4b456f25e89d1366c1f2c2c5ed60fdd07775787cb6460252
noarch apache-commons-cli-1.4-4.module_el8.6.0+2752+f1f3449e.noarch.rpm cadd0e257190d80cb8334aa4731a75b00bfb95a3149997484f2e15f37bd8deef
noarch httpcomponents-core-4.4.10-3.module_el8.6.0+2752+f1f3449e.noarch.rpm cb3e1299424d5f12566b86bb29be035c9bfa110dde87cb8fff19ebac575c3c7f
noarch geronimo-annotation-1.0-23.module_el8.6.0+2752+f1f3449e.noarch.rpm d1692ebd27f51bedc43b56bdec5767b556e74cf73e6addd6582df947d725b4ce
noarch maven-lib-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm dc68f3a08540aeb14af7154398c78bb0462e87896fd9183c39f80f1f4cf1bf3c
noarch maven-resolver-util-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm e09479aad465dab98ba981524c8be17ff50507a99ddc63b6e4ea08b382ab2f7f
noarch maven-wagon-http-shared-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm eadb4a9c395f8cec2914dccac90cdd620121a762eb8177647909146a723173bb
noarch hawtjni-runtime-1.16-2.module_el8.6.0+2752+f1f3449e.noarch.rpm f0ff23714d7896c1400d162a43b08073630b86bd787f25a60ee735b7b0de3549
ppc64le jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.ppc64le.rpm f0f6ef70ea4e09d3895d7d0d31f8481ba3d5cd4a47af7c7bee8cb30806aff163
x86_64 jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.x86_64.rpm e3ca966451b6ee4b1b7abe4ed2aa54fbcb94267d5680952b35a6ba20dd69bf76
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.