A maven:3.6 security and enhancement update has been released for AlmaLinux.

ALSA-2022:1860 Moderate: maven:3.6 security and enhancement update

Type:
security

Severity:
moderate

Release date:
2022-05-10

Description
Security Fix(es):
* apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
CVE-2020-13956
ALSA-2022-1860

Updates packages:
aopalliance-1.0-20.module_el8.6.0+2786+d7c38b21.noarch.rpm
apache-commons-cli-1.4-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
apache-commons-codec-1.13-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
apache-commons-io-2.6-6.module_el8.6.0+2786+d7c38b21.noarch.rpm
apache-commons-lang3-3.9-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
atinject-1-31.20100611svn86.module_el8.6.0+2786+d7c38b21.noarch.rpm
cdi-api-2.0.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
geronimo-annotation-1.0-26.module_el8.6.0+2786+d7c38b21.noarch.rpm
google-guice-4.2.2-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
guava-28.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
httpcomponents-client-4.5.10-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
httpcomponents-core-4.4.12-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
jansi-1.18-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
jcl-over-slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
jsoup-1.12.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
jsr-305-0-0.25.20130910svn.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-lib-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-openjdk11-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-openjdk17-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-openjdk8-3.6.2-7.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-resolver-1.4.1-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-shared-utils-3.2.1-0.4.module_el8.6.0+2786+d7c38b21.noarch.rpm
maven-wagon-3.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-cipher-1.7-17.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-classworlds-2.6.0-4.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-containers-component-annotations-2.1.0-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-interpolation-1.26-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-sec-dispatcher-1.4-29.module_el8.6.0+2786+d7c38b21.noarch.rpm
plexus-utils-3.3.0-3.module_el8.6.0+2786+d7c38b21.noarch.rpm
sisu-0.3.4-2.module_el8.6.0+2786+d7c38b21.noarch.rpm
slf4j-1.7.28-3.module_el8.6.0+2786+d7c38b21.noarch.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:1860 Moderate: maven:3.6 security and enhancement update