[ubuntu/jammy-security] maven-shared-utils 3.3.0-1ubuntu0.22.04.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Thu Apr 11 21:29:35 UTC 2024
maven-shared-utils (3.3.0-1ubuntu0.22.04.1) jammy-security; urgency=medium
* SECURITY UPDATE: Commandline class can emit double-quoted strings
without proper escaping, allowing shell injection attacks.
- debian/patches/CVE-2022-29599.patch: BourneShell unconditionally
single quotes executable and arguments.
- CVE-2022-29599
Date: 2024-03-28 00:59:39.741388+00:00
Changed-By: Chris <chris.kim at canonical.com>
Signed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/maven-shared-utils/3.3.0-1ubuntu0.22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list