Fedora Linux 8814 Published by

An apache-ivy security update has been released for Fedora 38.



[SECURITY] Fedora 38 Update: apache-ivy-2.5.1-3.fc38


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-35f775fd6e
2023-07-04 01:32:56.926301
--------------------------------------------------------------------------------

Name : apache-ivy
Product : Fedora 38
Version : 2.5.1
Release : 3.fc38
URL : https://ant.apache.org/ivy
Summary : Java-based dependency manager
Description :
Apache Ivy is a tool for managing (recording, tracking, resolving and
reporting) project dependencies. It is designed as process agnostic and is
not tied to any methodology or structure. while available as a standalone
tool, Apache Ivy works particularly well with Apache Ant providing a number
of powerful Ant tasks ranging from dependency resolution to dependency
reporting and publication.

--------------------------------------------------------------------------------
Update Information:

**Changelog** ``` * Sun Jun 25 2023 Didik Supriadi
[didiksupriadi41@fedoraproject.org] - 2.5.1-3 - Build with ivy instead of maven
```
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jun 25 2023 Didik Supriadi [didiksupriadi41@fedoraproject.org] - 2.5.1-3
- Build with ivy instead of maven
* Sat Apr 29 2023 Didik Supriadi [didiksupriadi41@fedoraproject.org] - 2.5.1-2
- migrated to SPDX license
* Wed Feb 22 2023 Didik Supriadi [didiksupriadi41@fedoraproject.org] - 2.5.1-1
- Update to version 2.5.1
- Remove alias for jayasoft:ivy
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2140083 - apache-ivy-2.5.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2140083
[ 2 ] Bug #2154282 - CVE-2022-37866 apache-ivy: : Apache Ivy: Ivy Path traversal [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2154282
[ 3 ] Bug #2182189 - CVE-2022-37865 apache-ivy: Directory Traversal [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2182189
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-35f775fd6e' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------