Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP2
patchinfo.28307
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.28307
<patchinfo incident="28307"> <issue tracker="cve" id="2021-42550"/> <issue tracker="bnc" id="1193795">VUL-0: CVE-2021-42550: logback: remote code execution through JNDI call from within its configuration file</issue> <issue tracker="jsc" id="SLE-23217"/> <packager>fstrba</packager> <rating>important</rating> <category>security</category> <summary>Security update for maven and recommended update for antlr3, minlog, sbt, xmvn</summary> <description>This update for antlr3, maven, minlog, sbt, xmvn fixes the following issues: maven: - Version update from 3.8.5 to 3.8.6 (jsc#SLE-23217): * Security fixes: + CVE-2021-42550: Update Version of (optional) Logback (bsc#1193795) * Bug fixes: + Fix resolver session containing non-MavenWorkspaceReader + Fix for multiple maven instances working on same source tree that can lock each other + Don't ignore bin/ otherwise bin/ in apache-maven module cannot be added back + Fix IllegalStateException in SessionScope during guice injection in multithreaded build + Revert MNG-7347 (SessionScoped beans should be singletons for a given session) + Fix compilation failure with relocated transitive dependency + Fix deadlock during forked lifecycle executions + Fix issue with resolving dependencies between submodules * New features and improvements: + Create a multiline message helper for boxed log messages + Display a warning when an aggregator mojo is locking other mojo executions + Align Assembly Descriptor NS versions * Dependency upgrades: + Upgrade SLF4J to 1.7.36 + Upgrade JUnit to 4.13.2 + Upgrade Plexus Utils to 3.3.1 - Move mvn.1 from bin to man directory antlr3: - Bug fixes in this version update from 3.5.2 to 3.5.3 (jsc#SLE-23217): * Change source compatibility to 1.8 and enable github workflows * Change Wiki URLs to theantlrguy.atlassian.net in README.txt * Add Bazel support - Remove enforcer plugin as it is not needed in a controlled environment minlog: - Bug fixes in this version update from 1.3.0 to 1.3.1 (jsc#SLE-23217): * Use currentTimeMillis * Use 3-Clause BSD * Use Java 7 JDK. sbt: - Fix build issues with maven 3.8.6 (jsc#SLE-23217) xmvn: - Remove RPM package build dependency on easymock (jsc#SLE-23217) </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor