[Bug 255161] devel/maven: update to 3.8.1
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Apr 19 04:11:51 UTC 2021
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255161
--- Comment #2 from commit-hook at FreeBSD.org ---
A commit in branch main references this bug:
URL:
https://cgit.FreeBSD.org/ports/commit/?id=887cfadcdf5e7ce9a33ef83ee6ee7b63ff855830
commit 887cfadcdf5e7ce9a33ef83ee6ee7b63ff855830
Author: Kevin Bowling <kbowling at FreeBSD.org>
AuthorDate: 2021-04-19 04:05:30 +0000
Commit: Kevin Bowling <kbowling at FreeBSD.org>
CommitDate: 2021-04-19 04:11:34 +0000
devel/maven: update to 3.8.1
This is not just a bugfix as it contains three features that cause a change
of
default behavior (external HTTP insecure URLs are now blocked by default):
your
builds may fail when using this new Maven release, if you use now blocked
repositories. Please check and eventually fix before upgrading.
Changes http://maven.apache.org/docs/3.8.1/release-notes.html
PR: 255161
Approved by: Jonathan Chen <jonc at chen.org.nz> (maintainer)
Security: CVE-2021-26291
CVE-2020-13956
devel/maven/Makefile | 2 +-
devel/maven/distinfo | 6 ++---
devel/maven/pkg-plist | 18 ++++++-------
security/vuxml/vuln.xml | 67 +++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 80 insertions(+), 13 deletions(-)
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list