Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:Update
patchinfo.31389
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.31389
<patchinfo incident="31389"> <issue tracker="bnc" id="1215973">VUL-0: CVE-2023-37460: plexus-archiver: Arbitrary File Creation in AbstractUnArchiver</issue> <issue tracker="cve" id="2023-37460"/> <packager>fstrba</packager> <rating>moderate</rating> <category>recommended</category> <summary>Recommended update for Java</summary> <description>This update for Java fixes the following issues: plexus-archiver was updated from version 4.2.1 to 4.8.0: - Changes of 4.8.0: * Security issues fixed: + CVE-2023-37460: Avoid override target symlink by standard file in AbstractUnArchiver (bsc#1215973) * New features and improvements: + Added tzst alias for tar.zst archiver/unarchived * Bugs fixed: + Detect permissions for addFile * Maintenance: + Removed public modifier from JUnit 5 tests + Use https in scm/url + Removed junit-jupiter-engine from project dependencies + Removed parent and reports menu from site + Cleanup after "veryLargeJar" test + Override project.url - Changes of 4.7.1: * Bugs fixed: + Don't apply umask on unknown perms (Win) - Changes of 4.7.0: * New features and improvements: + add umask support and use 022 in RB mode + Use NIO Files for creating temporary files + Deprecate the JAR Index feature (JDK-8302819) + Added Archiver aliases for tar.* * Maintenance: + Use JUnit TempDir to manage temporary files in tests + Override uId and gId for Tar in test + Bump maven-resources-plugin from 2.7 to 3.3.1 - Changes of 4.6.3: * New features and improvements: + Fixed path traversal vulnerability The vulnerability affects only directories whose name begins with the same prefix as the destination directory. For example malicious archive may extract file in /opt/directory instead of /opt/dir. - Changes of 4.6.2: * Bugs fixed: + Fixed regression in handling symbolic links - Changes of 4.6.1: * Bugs fixed: + Normalize file separators before warning about equal archive entries - Changes of 4.6.0: * New features and improvements: + keep file/directory permissions in Reproducible Builds mode - Changes of 4.5.0: * New features and improvements: + Added zstd (un)archiver support * Bugs fixed: + Fixed UnArchiver#isOverwrite not working as expected - Changes of 4.4.0: * New features and improvements: + Drop legacy plexus API and use only JSR330 components - Changes of 4.3.0: * New features and improvements: + Require Java 8 + Refactor to use FileTime API + Rename setTime method to setZipEntryTime + Convert InputStreamSupplier to lambdas * Bugs fixed: + Reproducible Builds not working when using modular jar - Changes of 4.2.7: * New features and improvements: + Respect order of META-INF/ and META-INF/MANIFEST.MF entries in a JAR file - Changes of 4.2.6: * New features and improvements: + FileInputStream, FileOutputStream, FileReader and FileWriter are no longer used + Code cleanup - Changes of 4.2.5: * New features and improvements: + Speed improvements * Bugs fixed: + Fixed use of a mismatching Unicode path extra field in zip unarchiving - Changes of 4.2.4: * Bugs fixed: + Fixed unjustified warning about casing for directory entries - Changes of 4.2.2: * Bugs fixed: + DirectoryArchiver fails for symlinks if a parent directory doesn't exist objectweb-asm was updated to version 9.6: - Changes of version 9.6: * New Opcodes.V22 constant for Java 22 * Bugs fixed: + Analyzer produces frames that have different locals than those detected by JRE bytecode verifier + Invalid stackmap generated when the instruction stream has new instruction after invokespecial to <init> + Analyzer can fail to catch thrown exceptions + `asm-analysis` Frame allocates an array unnecessarily inside `executeInvokeInsn` + Fixed bug in `CheckFrameAnalyzer` with static methods - Changes of version 9.5: * New Opcodes.V21 constant for Java 21 * New readBytecodeInstructionOffset hook in ClassReader * Added more detailed exception messages * Javadoc improvements and fixes * Bugs fixed: + Silent removal of zero-valued entries from the line-number table - Changes of version 9.4: * Changes: + New Opcodes.V20 constant for Java 20 + Added more checks in CheckClassAdapter + Javadoc improvements and fixes + `module-info` classes can be built without Gradle and Bnd + Parent POM updated to `org.ow2:ow2:1.5.1` * Bugs fixed: +`CheckClassAdapter` is no longer transparent for MAXLOCALS + Added public `getDelegate` method to all visitor classes + Analyzer does not compute optimal maxLocals for static methods + Fixed `SignatureWriter` when a generic type has a depth over 30 + Skip remap inner class name if not changed in Remapper maven-archiver was updated from version 3.5.0 to 3.6.1: - Changes of 3.6.1: * New Features: + Deprecated the JAR Index feature (JDK-8302819) * Task: + Refreshed download page + Prefer JDK features over plexus-utils, plexus-io - Changes of 3.6.0: * Task: + Require Java 8 + Drop m-shared-utils from deps maven-assembly-plugin was updated from version 3.3.0 to 3.6.0: - Changes of 3.6.0: * Bugs fixed: + finalName as readonly parameter makes common usecases very complicated + Symbolic links get copied with absolute path + Warning if using Maven 3.9.1 + Minimal default Manifest configuration of jar archiver should be respected * New Features: + Support Zstandard compression format * Improvements: + In RB mode, apply 022 umask to ignore environment group write umask + Added system requirements history * Task: + Dropped deprecated repository element + Support running build on Java 20 + Refresh download page + Cleanup declared dependencies + Avoid using deprecated methods of `plexus-archiver` - Changes of 3.5.0: * Bugs fixed: + File permissions removed during assembly:single since 3.2.0 - Changes of 3.4.2: * Bugs fixed: + Fixed Excludes filtering * Task: + Fixed examples to refer to https instead of http - Changes of 3.4.1: * Bugs fixed: + Fixed error build with shared assemblies - Changes of 3.4.0: * Bugs fixed: + dependencySet includes filter with classifier breaks include of artifacts without classifier * Task: + Speed improvements + Update plugin (requires Maven 3.2.5+) + Assembly plugin resolves too much, even plugins used to build dependencies + Deprecated the repository element in assembly descriptor + Upgraded to Java 8, drop unused dependencies maven-common-artifact-filters was updated from version 3.0.1 to 3.3.2: - Changes of 3.3.2: * Bugs fixed: + PatternIncludesArtifactFilters raising NPE for patterns w/ wildcards and artifactoid w/ null on any coordinate - Changes of 3.3.1: * Bugs fixed: + Pattern w/ 4 elements may be GATV or GATC - Changes of 3.3.0: * Bugs fixed: + null passed to DependencyFilter in EclipseAetherFilterTransformerTest + PatternIncludesArtifactFilter#include(Artifact) + Common Artifact Filters pattern parsing with classifier is broken * Task: + Sanitized dependencies + Upgraded to Maven Parent 36, to Maven 3.2.5, to Java 8 and clean up dependencies - Changes of 3.2.0: * Improvements: + Big speed improvements for patterns that do not contain any wildcard - Changes of 3.1.1: * Bugs fixed: + Updated JIRA URL for maven-common-artifact-filters * Improvements: + Made build Reproducible - Changes of 3.1.0: * Bugs fixed: + Several filters do not preserve order of artifacts filtered maven-compiler-plugin was updated from version 3.10.1 to 3.11.0: Changes of 3.11.0: * New features and improvements: + Added a useModulePath switch to the testCompile mojo + Allow dependency exclusions for 'annotationProcessorPaths' + Use maven-resolver to resolve 'annotationProcessorPaths' dependencies + Upgrade plexus-compiler to improve compiling message + compileSourceRoots parameter should be writable + Change showWarnings to true by default + Warn about warn-config conflicting values + Update default source/target from 1.7 to 1.8 + Display recompilation causes + Added some parameter to pattern from stale source calculation + Added dedicated option for implicit javac flag * Bugs fixed: + Fixed incorrect detection of dependency change + Test with Maven 3.9.0 and fix the failing IT + Resolved all annotation processor dependencies together + Defining maven.compiler.release as empty string ends with NumberFormatException in testCompileMojo + Fixed missing dirs in createMissingPackageInfoClasses + Set Xcludes in config passed to actual compiler maven-dependency-analyzer was updated from version 1.10 to 1.13.2: - Changes of 1.13.2: * Changes and bugs fixed: + Made mvn dependency:analyze work with OpenJDK 11 + Fixed jdk8 incompatibility at runtime (NoSuchMethodError) + Upgraded asm to 8.0.1 + Use try with resources to avoid leaks + dependency:analyze recommends test scope for test-only artifacts that have non-test scope + remove reference to deprecated public mutable field + Updated JIRA URL + dependency:analyze should recommend narrower scope where possible + Remove dependency on jmock + Inline deprecated field + Added more JavaDoc + Handle different classes from same artifact used by model and test code + Included class names in used undeclared dependencies + Check maximum allowed Maven version + Get rid of maven-plugin-testing-tools for IT test + Require Maven 3.2.5+ + Analyze project classes only once + Fixed array parsing + CONSTANT_METHOD_TYPE should not add to classes + Inner classes are in same compilation unit as container class + Upgraded Parent to 36 + Cleanup IT tests + Replace Codehaus Plexus utils with java.nio.file.Files and Apache Commons + Fixed bug with "non-test scoped test only dependencies found" + Bump asm from 9.4 to 9.5 + Refresh download page + Upgrade Parent to 39 + Build on JDK 19, 20 + Prefer JDK classes to Plexus utils + Replaced System.out by logger + Fixed java.lang.RuntimeException: Unknown constant pool type + Switched to JUnit 5 + Dependency improvements maven-dependency-plugin was updated from version 3.1.2 to 3.6.0: - Changes in 3.6.0: * Bugs fixed: + Obsolete example of -Dverbose on web page + Unsupported verbose option still appears in docs + dependency:go-offline does not use repositories from parent pom in reactor build + Fixed possible NPE + `dependency:analyze-only` goal fails on OpenJDK 14 + FileWriter and FileReader should be replaced + Dependency Plugin go-offline doesn't respect artifact classifier + analyze-only failed: Unsupported class file major version 60 (Java 16) + analyze-only failed: Unsupported class file major version 61 (Java 17) + copy-dependencies fails when using excludeScope=test + mvn dependency:analyze detected wrong transitive dependency + dependency plugin does not work with JDK 16 + skip dependency analyze in ear packaging + Non-test dependency reported as Non-test scoped test only dependency + 'Dependency not found' with 3.2.0 and Java-17 while analyzing + Tree plugin does not terminate with 3.2.0 + Minor improvement - continue + analyze-only failed: PermittedSubclasses requires ASM9 + Broken Link to "Introduction to Dependency Mechanism Page" + Sealed classes not supported + Dependency tree in verbose mode for war is empty + Javadoc was not updated to reflect that :tree's verbose option is now ok + error dependency:list (caused by postgresql dependency) + :list-classes does not skip if skip is set + :list-classes does not use GAV parameters * New Features: + Reintroduce the verbose option for dependency:tree + List classes in a given artifact + dependency:analyze should recommend narrower scope where possible + Added analyze parameter "ignoreUnusedRuntime" + Allow ignoring non-test-scoped dependencies + Added a <stripType> option to unpack goals + Allow auto-ignore of all non-test scoped dependencies used only in test scope * Improvements: + Unused method o.a.m.p.d.t.TreeMojo.containsVersion + Minor improvements + GitHub Action build improvement + dependency:analyze should list the classes that cause a used undeclared dependency + Improve documentation of analyze - Non-test scoped + Turn warnings into errors instead of failOnWarning + maven-dependency-plugin should leverage plexus-build-api to support IDEs + TestListClassesMojo logs too much + Use outputDirectory from AbstractMavenReport + Removed not used dependencies / Replace parts + list-repositories - improvements + warns about depending on plexus-container-default + Replace AnalyzeReportView with a new AnalyzeReportRenderer * Task: + Removed no longer required exclusions + Java 1.8 as minimum + Explicitly start and end tables with Doxia Sinks in report renderers + Replace Maven shared StringUtils with Commons Lang3 + Removed unused and ignored parameter - useJvmChmod + Removed custom plexus configuration + Code refactor - UnpackUtil + Refresh download page maven-dependency-tree was updated from version 3.0.1 to 3.2.1: - Changes in 3.2.1: * Bugs fixed: + DependencyCollectorBuilder does not collect dependencies when artifact has 'war' packaging + Transitive provided dependencies are not removed from collected dependency graph * New Features: + DependencyCollectorBuilder more configurable * Improvements: + DependencyGraphBuilder does not provide verbose tree + DependencyGraphBuilders shouldn't need reactorProjects for resolving dependencies + Maven31DependencyGraphBuilder should not download dependencies other than the pom + Fixed `plexus-component-annotation` in line with `plexus-component-metadata` + Upgraded parent to 31 + Added functionality to collect raw dependencies in Maven 3+ + Annotate DependencyNodes with dependency management metadata + Require Java 8 + Upgrade `org.eclipse.aether:aether-util` dependency in org.apache.maven.shared:maven-dependency-tree + Added Exclusions to DependencyNode + Made build Reproducible + Migrate plexus component to JSR-330 + Drop maven 3.0 compatibility * Dependency upgrade: + Upgrade shared-component to version 33 + Upgrade Parent to 36 + Bump maven-shared-components from 36 to 37 - Removed unnecessary dependency on xmvn tools and parent pom maven-enforcer was updated to version 3.4.1: - Update to version 3.4.1: * Bugs fixed: + In a multi module project "bannedDependencies" rule tries to resolve project artifacts from external repository + Require Release Dependencies ignorant about aggregator build + banDuplicatePomDependencyVersions does not check managementDependencies + Beanshell rule is not thread-safe + RequireSnapshotVersion not compatible with CI Friendly Versions (${revision}) + NPE when using new <?m2e execute ?> syntax with maven-enforcer-plugin + Broken links on Maven Enforcer Plugin site + RequirePluginVersions not recognizing versions-from-properties + [REGRESSION] RequirePluginVersions fails when versions are inherited + requireFilesExist rule should be case sensitive + Broken Links on Project Home Page + TestRequireOS uses hamcrest via transitive dependency + plexus-container-default in enforcer-api is very outdated + classifier not included in output of failes RequireUpperBoundDeps test + Exclusions are not considered when looking at parent for requireReleaseDeps + requireUpperBoundDeps does not fail when packaging is 'war' + DependencyConvergence in 3.0.0 fails on provided scoped dependencies + NPE on requireReleaseDeps with non-matching includes + RequireUpperBoundDeps now follow scope provided transitive dependencies + Use currently build artifacts in IT tests + requireReleaseDeps does not support optional dependencies or runtime scope + Enforcer 3.0.0 breaks with Maven 3.8.4 + Version 3.1.0 is not enforcing bannedDependencies rules + DependencyConvergence treats provided dependencies are runtime dependencies + Plugin shouldn't use NullPointerException for non-exceptional code flow + NPE in RequirePluginVersions + ReactorModuleConvergence not cached in reactor + RequireUpperBoundDeps fails on provided dependencies since 3.2.1 + Problematic dependency resolution by new 'banDynamicVersions' rule + banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one + Filtering dependency tree by scope + Upgrading to 3.0.0 causes 'Could not build dependency tree' with repositories some unknown protocol + DependencyConvergence in 3.1.0 fails when using version ranges + Semantics of 'ignores' parameter of 'banDynamicVersions' is inverted + Omission of 'excludedScopes' parameter of 'banDynamicVersions' causes NPE + ENFORCER: plugin-info and mojo pages not found * New Features: + requireUpperBounds deps should have includes + Introduce RequireTextFileChecksum with line separator normalization + allow no rules + show rules processed + DependencyConvergence should support including/excluding certain dependencies + Support declaring external banned dependencies in an external file/URL + Maven enforcer rule which checks that all dependencies have an explicit scope set + Maven enforcer rule which checks that all dependencies in dependencyManagement don't have an explicit scope set + Rule for no version ranges, version placeholders or SNAPSHOT versions + Allow one of many files in RequireFiles rules to pass + Skip specific rules + New Enforcer API + New Enforcer API - RuleConfigProvider + Move Built-In Rules to new API * Improvements: + wildcard ignore in requireReleaseDeps + Improve documentation about writing own Enforcer Rule + RequireActiveProfile should respect inherited activated profiles + Upgrade maven-dependency-tree to 3.x + Improve dependency resolving in multiple modules project + requireUpperBoundDeps: add [<scope>] and colors to the output + Example for writing a custom rule should be upgraded + Along with JavaVersion, allow enforcement of the JavaVendor + Included Java vendor in display-info output + requireMavenVersion x.y.z is processed as (,x.y.z] instead of [x.y.z,) + Consistently format artifacts same as dependency:tree + Made build Reproducible + Added support for excludes/includes in requireJavaVendor rule + Introduce Maven Enforcer Extension + Extends RequirePluginVersions with banMavenDefaults + Shared GitHub Actions + Log at ERROR level when <fail> is set + Reuse getDependenciesToCheck results across rules + Violation messages can be really hard to find in a multi module project + Clarify class loading for custom Enforcer rules + Using junit jupiter bom instead of single artifacts. + Get rid of maven-dependency-tree dependency + Allow 8 as JDK version for requireJavaVersion + Improve error message for rule "requireJavaVersion" + Include Java Home in Message for Java Rule Failures + Manage all Maven Core dependencies as provided + Mange rules configuration by plugin + Deprecate 'rules' property and introduce 'enforcer.rules' as a replacement + Change success message from executed to passed + EnforcerLogger: Provide isDebugEnabled(), isErrorEnabled(), isWarnEnabled() and isInfoEnabled() + Properly declare dependencies * Test: + Regression test for dependency convergence problem fixed in 3.0.0 * Task: + Removed reference to travis or switch to travis.com + Fixed maven assembly links + Require Java 8 + Verify working with Maven 4 + Code cleanup + Refresh download page + Deprecate display-info mojo + Refresh site descriptors + Superfluous blanks in BanDuplicatePomDependencyVersions + Rename ResolveUtil to ResolverUtil maven-plugin-tools was updated from version 3.6.0 to version 3.9.0: - Changes of version 3.9.0: * Bugs fixed: + Fixed *-mojo.xml (in PluginXdocGenerator) is overwritten when multiple locales are defined + Generated table by PluginXdocGenerator does not contain default attributes * Improvements: + Omit empty line in generated help goal output if plugin description is empty + Use Plexus I18N rather than fiddling with * Task: + Removed reporting from maven-plugin-plugin: create maven-plugin-report-plugin * Dependency upgrade: + Upgrade plugins and components (in ITs) - Changes of version 3.8.2: * Improvements: + Used Resolver API, get rid of localRepository * Dependency upgrade: + Bump httpcore from 4.4.15 to 4.4.16 + Bump httpclient from 4.5.13 to 4.5.14 + Bump antVersion from 1.10.12 to 1.10.13 + Bump slf4jVersion from 1.7.5 to 1.7.36 + Bump plexus-java from 1.1.1 to 1.1.2 + Bump plexus-archiver from 4.6.1 to 4.6.3 + Bump jsoup from 1.15.3 to 1.15.4 + Bump asmVersion from 9.4 to 9.5 + Bump assertj-core from 3.23.1 to 3.24.2 - Changes of version 3.8.1: * Bugs fixed: + Javadoc reference containing a link label with spaces are not detected + JavadocLinkGenerator.createLink: Support nested binary class names + ERROR during build of m-plugin-report-p and m-plugin-p: Dependencies in wrong scope + "Executes as an aggregator plugin" documentation: s/plugin/goal/ + Maven scope warning should be logged at WARN level + Fixed Temporary File Information Disclosure Vulnerability * New features: + Support mojos using the new maven v4 api * Improvements: + Plugin descriptor should contain the requiredJavaVersion/requiredMavenVersion + Execute annotation only supports standard lifecycle phases due to use of enum + Clarify deprecation of all extractors but the maven-plugin-tools-annotations * Dependency upgrade: + Update to Maven Parent POM 39 + Bump junit-bom from 5.9.1 to 5.9.2 + Bump plexus-archiver from 4.5.0 to 4.6.1 - Changes of version 3.7.1: * Bugs fixed: + Maven scope warning should be logged at WARN level - Changes of version 3.7.0: * Bugs fixed: + The plugin descriptor generated by plugin:descriptor does not consider @ see javadoc taglets + Report-Mojo doesn't respect input encoding + Generating site reports for plugin results in NoSuchMethodError + JDK Requirements in plugin-info.html: Consider property "maven.compiler.release" + Parameters documentation inheriting @ since from Mojo can be confusing + Don't emit warning for missing javadoc URL of primitives + Don't emit warning for missing javadoc URI if no javadoc sources are configured + Parameter description should be taken from annotated item * New Features: + Added link to javadoc in configuration description page for user defined types of Mojos. + Allow only @ Deprecated annotation without @ deprecated javadoc tag + add system requirements history section + report: allow to generate usage section in plugin-info.html with true + Allow @ Parameter on setters methods + Extract plugin report into its own plugin + report: Expose generics information of Collection and Map types * Improvement: + plugin-info.html should contain a better Usage section + Do not overwrite generate files with no content change + Upgrade to JUnit 5 and @ Inject annotations + Support for java 20 - ASM 9.4 + Don't print empty Memory, Disk Space in System Requirements + simplification in helpmojo build + Get rid of plexus-compiler-manager from tests + Use Maven core artifacts in provided scope + report and descriptor goal need to evaluate Javadoc comments differently + Allow to reference aggregator javadoc from plugin report * Task: + Detect legacy/javadoc Mojo definitions, warn to use Java 5 annotations + Update level to Java 8 + Deprecate scripting support for mojos + Deprecate requirements parameter in report Mojo + Removed duplicate code from PluginReport + Prepare for Doxia (Sitetools) 2.0.0 + Fixed documentation for maven-plugin-report-plugin + Removed deprecated items from new maven-plugin-report-plugin + Improve site build + Improve dependency management + Plugin generator generation fails when the parent class comes from a different project * Dependency upgrade: + Upgrade Maven Reporting API/Impl to 3.1.0 + Upgrade Parent to 36 + Upgrade project dependencies after JDK 1.8 + Bump maven-parent from 36 to 37 + Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0 + Upgrade plexus-utils to 3.5.0 - Changes of version 3.6.4: * Restored compatibility with Maven 3 ecosystem * Upgraded dependencies - Changes of version 3.6.3: * Added prerequisites to plugin pom * Exclude dependency in provided scope from plugin descriptor * Get rid of String.format use * Fixed this logging as well * Simplify documentation * Exclude maven-archiver and maven-jxr from warning - Changes of version 3.6.2: * Deprecated unused requiresReports flag * Check that Maven dependencies are provided scope * Update ITs * Use shared gh action * Deprecate unsupported Mojo descriptor items * Weed out ITs * Upgrade to maven 3.x and avoid using deprecated API * Drop legacy dependencies * Use shared gh action - v1 * Fixed wording in javadoc - Changes of version 3.6.1: * What's Changed: * Added missing @OverRide and make methods static * Upgraded to JUnit 4.12 * Upgraded parent POM and other dependencies * Updated plugins * Upgraded Doxia Sitetools to 1.9.2 to remove dependency on Struts * removed Maven 2 info * Removed unneeded dependency * Tighten the dependency tree * Ignore .checkstyle * Strict dependencies for maven-plugin-tools-annotations * Improved @execute(goal...) docs * Improve @execute(lifecycle...) docs plexus-compiler was updated from version 2.11.1 to 2.14.2: - Changes of 2.14.2: * Removed: + Drop J2ObjC compiler * New features and improvements: + Update AspectJ Compiler to 1.9.21 to support Java 21 + Require JDK 17 for build + Improve locking on JavacCompiler + Include 'parameter' and 'preview' describe log + Switch to SISU annotations and plugin, fixes #217 + Support jdk 21 + Require Maven 3.5.4+ + Require Java 11 for plexus-compiler-eclipse an javac-errorprone and aspectj compilers + Added support to run its with Java 20 * Bugs fixed: + Fixed javac memory leak + Validate zip file names before extracting (Zip Slip) + Restore AbstractCompiler#getLogger() method + Return empty list for not existing source root location + Improve javac error output parsing - Changes of 2.13.0: * New features and improvements: + Fully ignore any possible jdk bug + MCOMPILER-402: Added implicitOption to CompilerConfiguration + Added a custom compile argument replaceProcessorPathWithProcessorModulePath to force the plugin replace processorPath with processormodulepath + describe compiler configuration on run + simplify "Compiling" info message: display relative path * Bugs fixed: + Respect CompilerConfiguration.sourceFiles in EclipseJavaCompiler + Avoid NPE in AspectJCompilerTest on AspectJ 1.9.8+ * Dependency updates: + Bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M6 + Bump error_prone_core from 2.11.0 to 2.13.1 + Bump github/codeql-action from 1 to 2 + Bump ecj from 3.28.0 to 3.29.0 + Bump release-drafter/release-drafter from 5.18.1 to 5.19.0 + Bump ecj from 3.29.0 to 3.30.0 + Bump maven-invoker-plugin from 3.2.2 to 3.3.0 + Bump maven-enforcer-plugin from 3.0.0 to 3.1.0 + Bump error_prone_core from 2.13.1 to 2.14.0 + Bump maven-surefire-plugin from 3.0.0-M6 to 3.0.0-M7 + Bump ecj from 3.31.0 to 3.32.0 + Bump junit-bom from 5.9.0 to 5.9.1 + Bump ecj from 3.30.0 to 3.31.0 + Bump groovy from 3.0.12 to 3.0.13 + Bump groovy-json from 3.0.12 to 3.0.13 + Bump groovy-xml from 3.0.12 to 3.0.13 + Bump animal-sniffer-maven-plugin from 1.21 to 1.22 + Bump error_prone_core from 2.14.0 to 2.15.0 + Bump junit-bom from 5.8.2 to 5.9.0 + Bump groovy-xml from 3.0.11 to 3.0.12 + Bump groovy-json from 3.0.11 to 3.0.12 + Bump groovy from 3.0.11 to 3.0.12 * Maintenance: + Require Maven 3.2.5 </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor