Issued:: 2022-04-26
Updated:: 2022-04-26

RHSA-2022:1541 - Security Advisory

Overview
Updated Packages

Synopsis

Important: maven-shared-utils security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for maven-shared-utils is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven.

Security Fix(es):

maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server 7 x86_64
Red Hat Enterprise Linux Workstation 7 x86_64
Red Hat Enterprise Linux Desktop 7 x86_64
Red Hat Enterprise Linux for IBM z Systems 7 s390x
Red Hat Enterprise Linux for Power, big endian 7 ppc64
Red Hat Enterprise Linux for Scientific Computing 7 x86_64
Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

BZ - 2066479 - CVE-2022-29599 maven-shared-utils: Command injection via Commandline class

CVEs

CVE-2022-29599

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
x86_64
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux Workstation 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
x86_64
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux Desktop 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
x86_64
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux for IBM z Systems 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
s390x
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux for Power, big endian 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
ppc64
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux for Scientific Computing 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
x86_64
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

Red Hat Enterprise Linux for Power, little endian 7

SRPM
maven-shared-utils-0.4-4.el7_9.src.rpm	SHA-256: 76a77f52666914b34e76c3115187a775009f863681d8dea73e3f3f6a2deb09f0
ppc64le
maven-shared-utils-0.4-4.el7_9.noarch.rpm	SHA-256: 8623b03a871c84bf0326e6b7f6292b4ccbdc6858e0b17d27fe51a06461045a6f
maven-shared-utils-javadoc-0.4-4.el7_9.noarch.rpm	SHA-256: d0cfe1f9ecfd26b684e804ab139e7e598f91fa2a950276bbcd7f48d6e2c48192

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation