ALSA-2022:1861
- Source
- https://errata.almalinux.org/8/ALSA-2022-1861.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:1861.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2022:1861
- Related
- Published
- 2022-05-10T08:04:48Z
- Modified
- 2022-05-10T08:04:46Z
- Summary
- Moderate: maven:3.5 security update
- Details
-
Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.
Security Fix(es):
- apache-httpclient: incorrect handling of malformed authority component in request URIs (CVE-2020-13956)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
Affected packages
AlmaLinux:8 / aopalliance
Package
- Name
- aopalliance
AlmaLinux:8 / apache-commons-cli
Package
- Name
- apache-commons-cli
AlmaLinux:8 / apache-commons-codec
Package
- Name
- apache-commons-codec
AlmaLinux:8 / apache-commons-io
Package
- Name
- apache-commons-io
AlmaLinux:8 / apache-commons-lang3
Package
- Name
- apache-commons-lang3
AlmaLinux:8 / apache-commons-logging
Package
- Name
- apache-commons-logging
AlmaLinux:8 / atinject
Package
- Name
- atinject
AlmaLinux:8 / cdi-api
Package
- Name
- cdi-api
AlmaLinux:8 / geronimo-annotation
Package
- Name
- geronimo-annotation
AlmaLinux:8 / glassfish-el-api
Package
- Name
- glassfish-el-api
AlmaLinux:8 / google-guice
Package
- Name
- google-guice
AlmaLinux:8 / guava20
Package
- Name
- guava20
AlmaLinux:8 / hawtjni-runtime
Package
- Name
- hawtjni-runtime
AlmaLinux:8 / httpcomponents-client
Package
- Name
- httpcomponents-client
AlmaLinux:8 / httpcomponents-core
Package
- Name
- httpcomponents-core
AlmaLinux:8 / jansi
Package
- Name
- jansi
AlmaLinux:8 / jansi
Package
- Name
- jansi
AlmaLinux:8 / jansi
Package
- Name
- jansi
AlmaLinux:8 / jansi-native
Package
- Name
- jansi-native
AlmaLinux:8 / jboss-interceptors-1.2-api
Package
- Name
- jboss-interceptors-1.2-api
AlmaLinux:8 / jcl-over-slf4j
Package
- Name
- jcl-over-slf4j
AlmaLinux:8 / jsoup
Package
- Name
- jsoup
AlmaLinux:8 / maven
Package
- Name
- maven
AlmaLinux:8 / maven-lib
Package
- Name
- maven-lib
AlmaLinux:8 / maven-resolver-api
Package
- Name
- maven-resolver-api
AlmaLinux:8 / maven-resolver-connector-basic
Package
- Name
- maven-resolver-connector-basic
AlmaLinux:8 / maven-resolver-impl
Package
- Name
- maven-resolver-impl
AlmaLinux:8 / maven-resolver-spi
Package
- Name
- maven-resolver-spi
AlmaLinux:8 / maven-resolver-transport-wagon
Package
- Name
- maven-resolver-transport-wagon
AlmaLinux:8 / maven-resolver-util
Package
- Name
- maven-resolver-util
AlmaLinux:8 / maven-shared-utils
Package
- Name
- maven-shared-utils
AlmaLinux:8 / maven-wagon-file
Package
- Name
- maven-wagon-file
AlmaLinux:8 / maven-wagon-http
Package
- Name
- maven-wagon-http
AlmaLinux:8 / maven-wagon-http-shared
Package
- Name
- maven-wagon-http-shared
AlmaLinux:8 / maven-wagon-provider-api
Package
- Name
- maven-wagon-provider-api
AlmaLinux:8 / plexus-cipher
Package
- Name
- plexus-cipher
AlmaLinux:8 / plexus-classworlds
Package
- Name
- plexus-classworlds
AlmaLinux:8 / plexus-containers-component-annotations
Package
- Name
- plexus-containers-component-annotations
AlmaLinux:8 / plexus-interpolation
Package
- Name
- plexus-interpolation
AlmaLinux:8 / plexus-sec-dispatcher
Package
- Name
- plexus-sec-dispatcher
AlmaLinux:8 / plexus-utils
Package
- Name
- plexus-utils
AlmaLinux:8 / sisu-inject
Package
- Name
- sisu-inject
AlmaLinux:8 / sisu-plexus
Package
- Name
- sisu-plexus
AlmaLinux:8 / slf4j
Package
- Name
- slf4j