UbuntuUpdates.org

Package "maven-shared-utils"

Name: maven-shared-utils

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Replacement for plexus-utils in Maven
  • Replacement for plexus-utils in Maven (documentation)

Latest version: 3.3.0-1ubuntu0.22.04.1
Release: jammy (22.04)
Level: updates
Repository: universe

Links



Other versions of "maven-shared-utils" in Jammy

Repository Area Version
base universe 3.3.0-1
security universe 3.3.0-1ubuntu0.22.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.3.0-1ubuntu0.22.04.1 2024-04-12 01:07:19 UTC

  maven-shared-utils (3.3.0-1ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Commandline class can emit double-quoted strings
    without proper escaping, allowing shell injection attacks.
    - debian/patches/CVE-2022-29599.patch: BourneShell unconditionally
      single quotes executable and arguments.
    - CVE-2022-29599

 -- Chris Kim <email address hidden> Wed, 27 Mar 2024 16:31:18 -0700

CVE-2022-29599 In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing she



About   -   Send Feedback to @ubuntu_updates