Fedora 34: maven-shared-utils 2022-5d6aaab56e | LinuxSecurity.com

What Are You Looking For?

Popular Tags

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-5d6aaab56e
2022-05-08 02:01:08.297511
--------------------------------------------------------------------------------

Name        : maven-shared-utils
Product     : Fedora 34
Version     : 3.2.1
Release     : 0.9.fc34
URL         : https://maven.apache.org/shared/maven-shared-utils
Summary     : Maven shared utility classes
Description :
This project aims to be a functional replacement for plexus-utils in Maven.

It is not a 100% API compatible replacement though but a replacement with
improvements: lots of methods got cleaned up, generics got added and we dropped
a lot of unused code.

--------------------------------------------------------------------------------
Update Information:

Fixes an important security vulnerability - command injection via Commandline
class
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 25 2022 Marian Koncek  - 3.2.1-0.9
- Fix commandline injection vulnerability
- Resolves: CVE-2022-29599
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2066480 - CVE-2022-29599 maven-shared-utils: Command injection via Commandline class [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2066480
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-5d6aaab56e' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

News

Advisories

HOWTOs

Features

Enterprise Encryption for Linux: Improve Manageability & Compliance
Rocky Linux Security Advisories Are Now on LinuxSecurity.com!
Official Guide on Rocky Linux & How to Install It
Business VPNs: Now More Important Than Ever
Linux Log Analysis

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy