A maven:3.5 security update has been released for AlmaLinux.
ALSA-2022:1861 Moderate: maven:3.5 security update
Type:
security
Severity:
moderate
Release date:
2022-05-10
Description
Security Fix(es):
* apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
CVE-2020-13956
ALSA-2022-1861
Updates packages:
aopalliance-1.0-17.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-cli-1.4-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-codec-1.11-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-io-2.6-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-lang3-3.7-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
apache-commons-logging-1.2-13.module_el8.6.0+2752+f1f3449e.noarch.rpm
atinject-1-28.20100611svn86.module_el8.6.0+2752+f1f3449e.noarch.rpm
cdi-api-1.2-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
geronimo-annotation-1.0-23.module_el8.6.0+2752+f1f3449e.noarch.rpm
glassfish-el-api-3.0.1-0.7.b08.module_el8.6.0+2752+f1f3449e.noarch.rpm
google-guice-4.1-11.module_el8.6.0+2752+f1f3449e.noarch.rpm
guava20-20.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
hawtjni-runtime-1.16-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
httpcomponents-client-4.5.5-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
httpcomponents-core-4.4.10-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
jansi-1.17.1-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.x86_64.rpm
jboss-interceptors-1.2-api-1.0.0-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
jcl-over-slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
jsoup-1.11.3-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-lib-3.5.4-5.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-api-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-connector-basic-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-impl-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-spi-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-transport-wagon-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-resolver-util-1.1.1-2.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-shared-utils-3.2.1-0.1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-file-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-http-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-http-shared-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
maven-wagon-provider-api-3.1.0-1.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-cipher-1.7-14.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-classworlds-2.5.2-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-containers-component-annotations-1.7.1-8.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-interpolation-1.22-9.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-sec-dispatcher-1.4-26.module_el8.6.0+2752+f1f3449e.noarch.rpm
plexus-utils-3.1.0-3.module_el8.6.0+2752+f1f3449e.noarch.rpm
sisu-inject-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
sisu-plexus-0.3.3-6.module_el8.6.0+2752+f1f3449e.noarch.rpm
slf4j-1.7.25-4.module_el8.6.0+2752+f1f3449e.noarch.rpm
jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.aarch64.rpm
jansi-native-1.7-7.module_el8.6.0+2752+f1f3449e.ppc64le.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.
