AlmaLinux 2324 Published by

A maven:3.5 security update has been released for AlmaLinux.



ALSA-2022:4798 Important: maven:3.5 security update


Type:
security

Severity:
important

Release date:
2022-05-30

Description
Security Fix(es):
* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2022-29599
ALSA-2022-4798

Updates packages:
aopalliance-1.0-17.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-cli-1.4-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-codec-1.11-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-io-2.6-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-lang3-3.7-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-logging-1.2-13.module_el8.6.0+2752+f1f3449e.noarch.rpm
atinject-1-28.20100611svn86.module_el8.6.0+2752+f1f3449e.noarch.rpm
cdi-api-1.2-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
geronimo-annotation-1.0-23.module_el8.6.0+2752+f1f3449e.noarch.rpm
glassfish-el-api-3.0.1-0.7.b08.module_el8.6.0+2752+f1f3449e.noarch.rpm
google-guice-4.1-11.module_el8.6.0+2752+f1f3449e.noarch.rpm
guava20-20.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
hawtjni-runtime-1.16-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
httpcomponents-client-4.5.5-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
httpcomponents-core-4.4.10-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
jansi-1.17.1-1.module_el8.0.0+6044+f3cbc35d.noarch.rpm
jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.x86_64.rpm
jboss-interceptors-1.2-api-1.0.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
jcl-over-slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
jsoup-1.11.3-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-lib-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-api-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-connector-basic-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-impl-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-spi-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-transport-wagon-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-util-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-shared-utils-3.2.1-0.2.module_el8.6.0+2902+097a4293.noarch.rpm
maven-wagon-file-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-http-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-http-shared-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-provider-api-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-cipher-1.7-14.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-classworlds-2.5.2-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-containers-component-annotations-1.7.1-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-interpolation-1.22-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-sec-dispatcher-1.4-26.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-utils-3.1.0-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
sisu-inject-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
sisu-plexus-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
slf4j-1.7.25-4.module_el8.5.0+2577+9e95fe00.noarch.rpm
jansi-1.17.1-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.ppc64le.rpm
slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:4798 Important: maven:3.5 security update