Vulnerability from csaf_suse
Published
2024-02-21 04:34
Modified
2024-02-21 04:34
Summary
Recommended update for Java
Notes
Title of the patch
Recommended update for Java
Description of the patch
This update for Java fixes the following issues:
plexus-archiver was updated from version 4.2.1 to 4.8.0:
- Changes of 4.8.0:
* Security issues fixed:
+ CVE-2023-37460: Avoid override target symlink by standard file in AbstractUnArchiver (bsc#1215973)
* New features and improvements:
+ Added tzst alias for tar.zst archiver/unarchived
* Bugs fixed:
+ Detect permissions for addFile
* Maintenance:
+ Removed public modifier from JUnit 5 tests
+ Use https in scm/url
+ Removed junit-jupiter-engine from project dependencies
+ Removed parent and reports menu from site
+ Cleanup after 'veryLargeJar' test
+ Override project.url
- Changes of 4.7.1:
* Bugs fixed:
+ Don't apply umask on unknown perms (Win)
- Changes of 4.7.0:
* New features and improvements:
+ add umask support and use 022 in RB mode
+ Use NIO Files for creating temporary files
+ Deprecate the JAR Index feature (JDK-8302819)
+ Added Archiver aliases for tar.*
* Maintenance:
+ Use JUnit TempDir to manage temporary files in tests
+ Override uId and gId for Tar in test
+ Bump maven-resources-plugin from 2.7 to 3.3.1
- Changes of 4.6.3:
* New features and improvements:
+ Fixed path traversal vulnerability
The vulnerability affects only directories whose name begins
with the same prefix as the destination directory. For example
malicious archive may extract file in /opt/directory instead
of /opt/dir.
- Changes of 4.6.2:
* Bugs fixed:
+ Fixed regression in handling symbolic links
- Changes of 4.6.1:
* Bugs fixed:
+ Normalize file separators before warning about equal archive entries
- Changes of 4.6.0:
* New features and improvements:
+ keep file/directory permissions in Reproducible Builds mode
- Changes of 4.5.0:
* New features and improvements:
+ Added zstd (un)archiver support
* Bugs fixed:
+ Fixed UnArchiver#isOverwrite not working as expected
- Changes of 4.4.0:
* New features and improvements:
+ Drop legacy plexus API and use only JSR330 components
- Changes of 4.3.0:
* New features and improvements:
+ Require Java 8
+ Refactor to use FileTime API
+ Rename setTime method to setZipEntryTime
+ Convert InputStreamSupplier to lambdas
* Bugs fixed:
+ Reproducible Builds not working when using modular jar
- Changes of 4.2.7:
* New features and improvements:
+ Respect order of META-INF/ and META-INF/MANIFEST.MF entries in a JAR file
- Changes of 4.2.6:
* New features and improvements:
+ FileInputStream, FileOutputStream, FileReader and FileWriter are no longer used
+ Code cleanup
- Changes of 4.2.5:
* New features and improvements:
+ Speed improvements
* Bugs fixed:
+ Fixed use of a mismatching Unicode path extra field in zip unarchiving
- Changes of 4.2.4:
* Bugs fixed:
+ Fixed unjustified warning about casing for directory entries
- Changes of 4.2.2:
* Bugs fixed:
+ DirectoryArchiver fails for symlinks if a parent directory doesn't exist
objectweb-asm was updated to version 9.6:
- Changes of version 9.6:
* New Opcodes.V22 constant for Java 22
* Bugs fixed:
+ Analyzer produces frames that have different locals than those detected by JRE bytecode verifier
+ Invalid stackmap generated when the instruction stream has new instruction after invokespecial to <init>
+ Analyzer can fail to catch thrown exceptions
+ `asm-analysis` Frame allocates an array unnecessarily inside `executeInvokeInsn`
+ Fixed bug in `CheckFrameAnalyzer` with static methods
- Changes of version 9.5:
* New Opcodes.V21 constant for Java 21
* New readBytecodeInstructionOffset hook in ClassReader
* Added more detailed exception messages
* Javadoc improvements and fixes
* Bugs fixed:
+ Silent removal of zero-valued entries from the line-number table
- Changes of version 9.4:
* Changes:
+ New Opcodes.V20 constant for Java 20
+ Added more checks in CheckClassAdapter
+ Javadoc improvements and fixes
+ `module-info` classes can be built without Gradle and Bnd
+ Parent POM updated to `org.ow2:ow2:1.5.1`
* Bugs fixed:
+`CheckClassAdapter` is no longer transparent for MAXLOCALS
+ Added public `getDelegate` method to all visitor classes
+ Analyzer does not compute optimal maxLocals for static methods
+ Fixed `SignatureWriter` when a generic type has a depth over 30
+ Skip remap inner class name if not changed in Remapper
maven-archiver was updated from version 3.5.0 to 3.6.1:
- Changes of 3.6.1:
* New Features:
+ Deprecated the JAR Index feature (JDK-8302819)
* Task:
+ Refreshed download page
+ Prefer JDK features over plexus-utils, plexus-io
- Changes of 3.6.0:
* Task:
+ Require Java 8
+ Drop m-shared-utils from deps
maven-assembly-plugin was updated from version 3.3.0 to 3.6.0:
- Changes of 3.6.0:
* Bugs fixed:
+ finalName as readonly parameter makes common usecases very complicated
+ Symbolic links get copied with absolute path
+ Warning if using Maven 3.9.1
+ Minimal default Manifest configuration of jar archiver should be respected
* New Features:
+ Support Zstandard compression format
* Improvements:
+ In RB mode, apply 022 umask to ignore environment group write umask
+ Added system requirements history
* Task:
+ Dropped deprecated repository element
+ Support running build on Java 20
+ Refresh download page
+ Cleanup declared dependencies
+ Avoid using deprecated methods of `plexus-archiver`
- Changes of 3.5.0:
* Bugs fixed:
+ File permissions removed during assembly:single since 3.2.0
- Changes of 3.4.2:
* Bugs fixed:
+ Fixed Excludes filtering
* Task:
+ Fixed examples to refer to https instead of http
- Changes of 3.4.1:
* Bugs fixed:
+ Fixed error build with shared assemblies
- Changes of 3.4.0:
* Bugs fixed:
+ dependencySet includes filter with classifier breaks include of artifacts without classifier
* Task:
+ Speed improvements
+ Update plugin (requires Maven 3.2.5+)
+ Assembly plugin resolves too much, even plugins used to build dependencies
+ Deprecated the repository element in assembly descriptor
+ Upgraded to Java 8, drop unused dependencies
maven-common-artifact-filters was updated from version 3.0.1 to 3.3.2:
- Changes of 3.3.2:
* Bugs fixed:
+ PatternIncludesArtifactFilters raising NPE for patterns w/ wildcards and artifactoid w/ null on any coordinate
- Changes of 3.3.1:
* Bugs fixed:
+ Pattern w/ 4 elements may be GATV or GATC
- Changes of 3.3.0:
* Bugs fixed:
+ null passed to DependencyFilter in EclipseAetherFilterTransformerTest
+ PatternIncludesArtifactFilter#include(Artifact)
+ Common Artifact Filters pattern parsing with classifier is broken
* Task:
+ Sanitized dependencies
+ Upgraded to Maven Parent 36, to Maven 3.2.5, to Java 8 and clean up dependencies
- Changes of 3.2.0:
* Improvements:
+ Big speed improvements for patterns that do not contain any wildcard
- Changes of 3.1.1:
* Bugs fixed:
+ Updated JIRA URL for maven-common-artifact-filters
* Improvements:
+ Made build Reproducible
- Changes of 3.1.0:
* Bugs fixed:
+ Several filters do not preserve order of artifacts filtered
maven-compiler-plugin was updated from version 3.10.1 to 3.11.0:
Changes of 3.11.0:
* New features and improvements:
+ Added a useModulePath switch to the testCompile mojo
+ Allow dependency exclusions for 'annotationProcessorPaths'
+ Use maven-resolver to resolve 'annotationProcessorPaths' dependencies
+ Upgrade plexus-compiler to improve compiling message
+ compileSourceRoots parameter should be writable
+ Change showWarnings to true by default
+ Warn about warn-config conflicting values
+ Update default source/target from 1.7 to 1.8
+ Display recompilation causes
+ Added some parameter to pattern from stale source calculation
+ Added dedicated option for implicit javac flag
* Bugs fixed:
+ Fixed incorrect detection of dependency change
+ Test with Maven 3.9.0 and fix the failing IT
+ Resolved all annotation processor dependencies together
+ Defining maven.compiler.release as empty string ends with NumberFormatException in testCompileMojo
+ Fixed missing dirs in createMissingPackageInfoClasses
+ Set Xcludes in config passed to actual compiler
maven-dependency-analyzer was updated from version 1.10 to 1.13.2:
- Changes of 1.13.2:
* Changes and bugs fixed:
+ Made mvn dependency:analyze work with OpenJDK 11
+ Fixed jdk8 incompatibility at runtime (NoSuchMethodError)
+ Upgraded asm to 8.0.1
+ Use try with resources to avoid leaks
+ dependency:analyze recommends test scope for test-only artifacts that have non-test scope
+ remove reference to deprecated public mutable field
+ Updated JIRA URL
+ dependency:analyze should recommend narrower scope where possible
+ Remove dependency on jmock
+ Inline deprecated field
+ Added more JavaDoc
+ Handle different classes from same artifact used by model and test code
+ Included class names in used undeclared dependencies
+ Check maximum allowed Maven version
+ Get rid of maven-plugin-testing-tools for IT test
+ Require Maven 3.2.5+
+ Analyze project classes only once
+ Fixed array parsing
+ CONSTANT_METHOD_TYPE should not add to classes
+ Inner classes are in same compilation unit as container class
+ Upgraded Parent to 36
+ Cleanup IT tests
+ Replace Codehaus Plexus utils with java.nio.file.Files and Apache Commons
+ Fixed bug with 'non-test scoped test only dependencies found'
+ Bump asm from 9.4 to 9.5
+ Refresh download page
+ Upgrade Parent to 39
+ Build on JDK 19, 20
+ Prefer JDK classes to Plexus utils
+ Replaced System.out by logger
+ Fixed java.lang.RuntimeException: Unknown constant pool type
+ Switched to JUnit 5
+ Dependency improvements
maven-dependency-plugin was updated from version 3.1.2 to 3.6.0:
- Changes in 3.6.0:
* Bugs fixed:
+ Obsolete example of -Dverbose on web page
+ Unsupported verbose option still appears in docs
+ dependency:go-offline does not use repositories from parent pom in reactor build
+ Fixed possible NPE
+ `dependency:analyze-only` goal fails on OpenJDK 14
+ FileWriter and FileReader should be replaced
+ Dependency Plugin go-offline doesn't respect artifact classifier
+ analyze-only failed: Unsupported class file major version 60 (Java 16)
+ analyze-only failed: Unsupported class file major version 61 (Java 17)
+ copy-dependencies fails when using excludeScope=test
+ mvn dependency:analyze detected wrong transitive dependency
+ dependency plugin does not work with JDK 16
+ skip dependency analyze in ear packaging
+ Non-test dependency reported as Non-test scoped test only dependency
+ 'Dependency not found' with 3.2.0 and Java-17 while analyzing
+ Tree plugin does not terminate with 3.2.0
+ Minor improvement - continue
+ analyze-only failed: PermittedSubclasses requires ASM9
+ Broken Link to 'Introduction to Dependency Mechanism Page'
+ Sealed classes not supported
+ Dependency tree in verbose mode for war is empty
+ Javadoc was not updated to reflect that :tree's verbose option is now ok
+ error dependency:list (caused by postgresql dependency)
+ :list-classes does not skip if skip is set
+ :list-classes does not use GAV parameters
* New Features:
+ Reintroduce the verbose option for dependency:tree
+ List classes in a given artifact
+ dependency:analyze should recommend narrower scope where possible
+ Added analyze parameter 'ignoreUnusedRuntime'
+ Allow ignoring non-test-scoped dependencies
+ Added a <stripType> option to unpack goals
+ Allow auto-ignore of all non-test scoped dependencies used only in test scope
* Improvements:
+ Unused method o.a.m.p.d.t.TreeMojo.containsVersion
+ Minor improvements
+ GitHub Action build improvement
+ dependency:analyze should list the classes that cause a used undeclared dependency
+ Improve documentation of analyze - Non-test scoped
+ Turn warnings into errors instead of failOnWarning
+ maven-dependency-plugin should leverage plexus-build-api to support IDEs
+ TestListClassesMojo logs too much
+ Use outputDirectory from AbstractMavenReport
+ Removed not used dependencies / Replace parts
+ list-repositories - improvements
+ warns about depending on plexus-container-default
+ Replace AnalyzeReportView with a new AnalyzeReportRenderer
* Task:
+ Removed no longer required exclusions
+ Java 1.8 as minimum
+ Explicitly start and end tables with Doxia Sinks in report renderers
+ Replace Maven shared StringUtils with Commons Lang3
+ Removed unused and ignored parameter - useJvmChmod
+ Removed custom plexus configuration
+ Code refactor - UnpackUtil
+ Refresh download page
maven-dependency-tree was updated from version 3.0.1 to 3.2.1:
- Changes in 3.2.1:
* Bugs fixed:
+ DependencyCollectorBuilder does not collect dependencies when artifact has 'war' packaging
+ Transitive provided dependencies are not removed from collected dependency graph
* New Features:
+ DependencyCollectorBuilder more configurable
* Improvements:
+ DependencyGraphBuilder does not provide verbose tree
+ DependencyGraphBuilders shouldn't need reactorProjects for resolving dependencies
+ Maven31DependencyGraphBuilder should not download dependencies other than the pom
+ Fixed `plexus-component-annotation` in line with `plexus-component-metadata`
+ Upgraded parent to 31
+ Added functionality to collect raw dependencies in Maven 3+
+ Annotate DependencyNodes with dependency management metadata
+ Require Java 8
+ Upgrade `org.eclipse.aether:aether-util` dependency in org.apache.maven.shared:maven-dependency-tree
+ Added Exclusions to DependencyNode
+ Made build Reproducible
+ Migrate plexus component to JSR-330
+ Drop maven 3.0 compatibility
* Dependency upgrade:
+ Upgrade shared-component to version 33
+ Upgrade Parent to 36
+ Bump maven-shared-components from 36 to 37
- Removed unnecessary dependency on xmvn tools and parent pom
maven-enforcer was updated to version 3.4.1:
- Update to version 3.4.1:
* Bugs fixed:
+ In a multi module project 'bannedDependencies' rule tries to resolve project artifacts from external repository
+ Require Release Dependencies ignorant about aggregator build
+ banDuplicatePomDependencyVersions does not check managementDependencies
+ Beanshell rule is not thread-safe
+ RequireSnapshotVersion not compatible with CI Friendly Versions (${revision})
+ NPE when using new <?m2e execute ?> syntax with maven-enforcer-plugin
+ Broken links on Maven Enforcer Plugin site
+ RequirePluginVersions not recognizing versions-from-properties
+ [REGRESSION] RequirePluginVersions fails when versions are inherited
+ requireFilesExist rule should be case sensitive
+ Broken Links on Project Home Page
+ TestRequireOS uses hamcrest via transitive dependency
+ plexus-container-default in enforcer-api is very outdated
+ classifier not included in output of failes RequireUpperBoundDeps test
+ Exclusions are not considered when looking at parent for requireReleaseDeps
+ requireUpperBoundDeps does not fail when packaging is 'war'
+ DependencyConvergence in 3.0.0 fails on provided scoped dependencies
+ NPE on requireReleaseDeps with non-matching includes
+ RequireUpperBoundDeps now follow scope provided transitive dependencies
+ Use currently build artifacts in IT tests
+ requireReleaseDeps does not support optional dependencies or runtime scope
+ Enforcer 3.0.0 breaks with Maven 3.8.4
+ Version 3.1.0 is not enforcing bannedDependencies rules
+ DependencyConvergence treats provided dependencies are runtime dependencies
+ Plugin shouldn't use NullPointerException for non-exceptional code flow
+ NPE in RequirePluginVersions
+ ReactorModuleConvergence not cached in reactor
+ RequireUpperBoundDeps fails on provided dependencies since 3.2.1
+ Problematic dependency resolution by new 'banDynamicVersions' rule
+ banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one
+ Filtering dependency tree by scope
+ Upgrading to 3.0.0 causes 'Could not build dependency tree' with repositories some unknown protocol
+ DependencyConvergence in 3.1.0 fails when using version ranges
+ Semantics of 'ignores' parameter of 'banDynamicVersions' is inverted
+ Omission of 'excludedScopes' parameter of 'banDynamicVersions' causes NPE
+ ENFORCER: plugin-info and mojo pages not found
* New Features:
+ requireUpperBounds deps should have includes
+ Introduce RequireTextFileChecksum with line separator normalization
+ allow no rules
+ show rules processed
+ DependencyConvergence should support including/excluding certain dependencies
+ Support declaring external banned dependencies in an external file/URL
+ Maven enforcer rule which checks that all dependencies have an explicit scope set
+ Maven enforcer rule which checks that all dependencies in dependencyManagement don't have an explicit scope set
+ Rule for no version ranges, version placeholders or SNAPSHOT versions
+ Allow one of many files in RequireFiles rules to pass
+ Skip specific rules
+ New Enforcer API
+ New Enforcer API - RuleConfigProvider
+ Move Built-In Rules to new API
* Improvements:
+ wildcard ignore in requireReleaseDeps
+ Improve documentation about writing own Enforcer Rule
+ RequireActiveProfile should respect inherited activated profiles
+ Upgrade maven-dependency-tree to 3.x
+ Improve dependency resolving in multiple modules project
+ requireUpperBoundDeps: add [<scope>] and colors to the output
+ Example for writing a custom rule should be upgraded
+ Along with JavaVersion, allow enforcement of the JavaVendor
+ Included Java vendor in display-info output
+ requireMavenVersion x.y.z is processed as (,x.y.z] instead of [x.y.z,)
+ Consistently format artifacts same as dependency:tree
+ Made build Reproducible
+ Added support for excludes/includes in requireJavaVendor rule
+ Introduce Maven Enforcer Extension
+ Extends RequirePluginVersions with banMavenDefaults
+ Shared GitHub Actions
+ Log at ERROR level when <fail> is set
+ Reuse getDependenciesToCheck results across rules
+ Violation messages can be really hard to find in a multi module project
+ Clarify class loading for custom Enforcer rules
+ Using junit jupiter bom instead of single artifacts.
+ Get rid of maven-dependency-tree dependency
+ Allow 8 as JDK version for requireJavaVersion
+ Improve error message for rule 'requireJavaVersion'
+ Include Java Home in Message for Java Rule Failures
+ Manage all Maven Core dependencies as provided
+ Mange rules configuration by plugin
+ Deprecate 'rules' property and introduce 'enforcer.rules' as a replacement
+ Change success message from executed to passed
+ EnforcerLogger: Provide isDebugEnabled(), isErrorEnabled(), isWarnEnabled() and isInfoEnabled()
+ Properly declare dependencies
* Test:
+ Regression test for dependency convergence problem fixed in 3.0.0
* Task:
+ Removed reference to travis or switch to travis.com
+ Fixed maven assembly links
+ Require Java 8
+ Verify working with Maven 4
+ Code cleanup
+ Refresh download page
+ Deprecate display-info mojo
+ Refresh site descriptors
+ Superfluous blanks in BanDuplicatePomDependencyVersions
+ Rename ResolveUtil to ResolverUtil
maven-plugin-tools was updated from version 3.6.0 to version 3.9.0:
- Changes of version 3.9.0:
* Bugs fixed:
+ Fixed *-mojo.xml (in PluginXdocGenerator) is overwritten when multiple locales are defined
+ Generated table by PluginXdocGenerator does not contain default attributes
* Improvements:
+ Omit empty line in generated help goal output if plugin description is empty
+ Use Plexus I18N rather than fiddling with
* Task:
+ Removed reporting from maven-plugin-plugin: create maven-plugin-report-plugin
* Dependency upgrade:
+ Upgrade plugins and components (in ITs)
- Changes of version 3.8.2:
* Improvements:
+ Used Resolver API, get rid of localRepository
* Dependency upgrade:
+ Bump httpcore from 4.4.15 to 4.4.16
+ Bump httpclient from 4.5.13 to 4.5.14
+ Bump antVersion from 1.10.12 to 1.10.13
+ Bump slf4jVersion from 1.7.5 to 1.7.36
+ Bump plexus-java from 1.1.1 to 1.1.2
+ Bump plexus-archiver from 4.6.1 to 4.6.3
+ Bump jsoup from 1.15.3 to 1.15.4
+ Bump asmVersion from 9.4 to 9.5
+ Bump assertj-core from 3.23.1 to 3.24.2
- Changes of version 3.8.1:
* Bugs fixed:
+ Javadoc reference containing a link label with spaces are not detected
+ JavadocLinkGenerator.createLink: Support nested binary class names
+ ERROR during build of m-plugin-report-p and m-plugin-p: Dependencies in wrong scope
+ 'Executes as an aggregator plugin' documentation: s/plugin/goal/
+ Maven scope warning should be logged at WARN level
+ Fixed Temporary File Information Disclosure Vulnerability
* New features:
+ Support mojos using the new maven v4 api
* Improvements:
+ Plugin descriptor should contain the requiredJavaVersion/requiredMavenVersion
+ Execute annotation only supports standard lifecycle phases due to use of enum
+ Clarify deprecation of all extractors but the maven-plugin-tools-annotations
* Dependency upgrade:
+ Update to Maven Parent POM 39
+ Bump junit-bom from 5.9.1 to 5.9.2
+ Bump plexus-archiver from 4.5.0 to 4.6.1
- Changes of version 3.7.1:
* Bugs fixed:
+ Maven scope warning should be logged at WARN level
- Changes of version 3.7.0:
* Bugs fixed:
+ The plugin descriptor generated by plugin:descriptor does not consider @ see javadoc taglets
+ Report-Mojo doesn't respect input encoding
+ Generating site reports for plugin results in
NoSuchMethodError
+ JDK Requirements in plugin-info.html: Consider property 'maven.compiler.release'
+ Parameters documentation inheriting @ since from Mojo can be confusing
+ Don't emit warning for missing javadoc URL of primitives
+ Don't emit warning for missing javadoc URI if no javadoc sources are configured
+ Parameter description should be taken from annotated item
* New Features:
+ Added link to javadoc in configuration description page for user defined types of Mojos.
+ Allow only @ Deprecated annotation without @ deprecated javadoc tag
+ add system requirements history section
+ report: allow to generate usage section in plugin-info.html with true
+ Allow @ Parameter on setters methods
+ Extract plugin report into its own plugin
+ report: Expose generics information of Collection and Map types
* Improvement:
+ plugin-info.html should contain a better Usage section
+ Do not overwrite generate files with no content change
+ Upgrade to JUnit 5 and @ Inject annotations
+ Support for java 20 - ASM 9.4
+ Don't print empty Memory, Disk Space in System Requirements
+ simplification in helpmojo build
+ Get rid of plexus-compiler-manager from tests
+ Use Maven core artifacts in provided scope
+ report and descriptor goal need to evaluate Javadoc comments differently
+ Allow to reference aggregator javadoc from plugin report
* Task:
+ Detect legacy/javadoc Mojo definitions, warn to use Java 5 annotations
+ Update level to Java 8
+ Deprecate scripting support for mojos
+ Deprecate requirements parameter in report Mojo
+ Removed duplicate code from PluginReport
+ Prepare for Doxia (Sitetools) 2.0.0
+ Fixed documentation for maven-plugin-report-plugin
+ Removed deprecated items from new maven-plugin-report-plugin
+ Improve site build
+ Improve dependency management
+ Plugin generator generation fails when the parent class comes from a different project
* Dependency upgrade:
+ Upgrade Maven Reporting API/Impl to 3.1.0
+ Upgrade Parent to 36
+ Upgrade project dependencies after JDK 1.8
+ Bump maven-parent from 36 to 37
+ Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0
+ Upgrade plexus-utils to 3.5.0
- Changes of version 3.6.4:
* Restored compatibility with Maven 3 ecosystem
* Upgraded dependencies
- Changes of version 3.6.3:
* Added prerequisites to plugin pom
* Exclude dependency in provided scope from plugin descriptor
* Get rid of String.format use
* Fixed this logging as well
* Simplify documentation
* Exclude maven-archiver and maven-jxr from warning
- Changes of version 3.6.2:
* Deprecated unused requiresReports flag
* Check that Maven dependencies are provided scope
* Update ITs
* Use shared gh action
* Deprecate unsupported Mojo descriptor items
* Weed out ITs
* Upgrade to maven 3.x and avoid using deprecated API
* Drop legacy dependencies
* Use shared gh action - v1
* Fixed wording in javadoc
- Changes of version 3.6.1:
* What's Changed:
* Added missing @OverRide and make methods static
* Upgraded to JUnit 4.12
* Upgraded parent POM and other dependencies
* Updated plugins
* Upgraded Doxia Sitetools to 1.9.2 to remove dependency on Struts
* removed Maven 2 info
* Removed unneeded dependency
* Tighten the dependency tree
* Ignore .checkstyle
* Strict dependencies for maven-plugin-tools-annotations
* Improved @execute(goal...) docs
* Improve @execute(lifecycle...) docs
plexus-compiler was updated from version 2.11.1 to 2.14.2:
- Changes of 2.14.2:
* Removed:
+ Drop J2ObjC compiler
* New features and improvements:
+ Update AspectJ Compiler to 1.9.21 to support Java 21
+ Require JDK 17 for build
+ Improve locking on JavacCompiler
+ Include 'parameter' and 'preview' describe log
+ Switch to SISU annotations and plugin, fixes #217
+ Support jdk 21
+ Require Maven 3.5.4+
+ Require Java 11 for plexus-compiler-eclipse an
javac-errorprone and aspectj compilers
+ Added support to run its with Java 20
* Bugs fixed:
+ Fixed javac memory leak
+ Validate zip file names before extracting (Zip Slip)
+ Restore AbstractCompiler#getLogger() method
+ Return empty list for not existing source root location
+ Improve javac error output parsing
- Changes of 2.13.0:
* New features and improvements:
+ Fully ignore any possible jdk bug
+ MCOMPILER-402: Added implicitOption to CompilerConfiguration
+ Added a custom compile argument
replaceProcessorPathWithProcessorModulePath to force the
plugin replace processorPath with processormodulepath
+ describe compiler configuration on run
+ simplify 'Compiling' info message: display relative path
* Bugs fixed:
+ Respect CompilerConfiguration.sourceFiles in
EclipseJavaCompiler
+ Avoid NPE in AspectJCompilerTest on AspectJ 1.9.8+
* Dependency updates:
+ Bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M6
+ Bump error_prone_core from 2.11.0 to 2.13.1
+ Bump github/codeql-action from 1 to 2
+ Bump ecj from 3.28.0 to 3.29.0
+ Bump release-drafter/release-drafter from 5.18.1 to 5.19.0
+ Bump ecj from 3.29.0 to 3.30.0
+ Bump maven-invoker-plugin from 3.2.2 to 3.3.0
+ Bump maven-enforcer-plugin from 3.0.0 to 3.1.0
+ Bump error_prone_core from 2.13.1 to 2.14.0
+ Bump maven-surefire-plugin from 3.0.0-M6 to 3.0.0-M7
+ Bump ecj from 3.31.0 to 3.32.0
+ Bump junit-bom from 5.9.0 to 5.9.1
+ Bump ecj from 3.30.0 to 3.31.0
+ Bump groovy from 3.0.12 to 3.0.13
+ Bump groovy-json from 3.0.12 to 3.0.13
+ Bump groovy-xml from 3.0.12 to 3.0.13
+ Bump animal-sniffer-maven-plugin from 1.21 to 1.22
+ Bump error_prone_core from 2.14.0 to 2.15.0
+ Bump junit-bom from 5.8.2 to 5.9.0
+ Bump groovy-xml from 3.0.11 to 3.0.12
+ Bump groovy-json from 3.0.11 to 3.0.12
+ Bump groovy from 3.0.11 to 3.0.12
* Maintenance:
+ Require Maven 3.2.5
Patchnames
SUSE-2024-560,SUSE-SLE-Module-Basesystem-15-SP5-2024-560,SUSE-SLE-Module-Development-Tools-15-SP5-2024-560,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-560,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-560,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-560,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-560,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-560,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-560,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-560,SUSE-Storage-7.1-2024-560,openSUSE-SLE-15.5-2024-560
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Recommended update for Java", title: "Title of the patch", }, { category: "description", text: "This update for Java fixes the following issues:\n\nplexus-archiver was updated from version 4.2.1 to 4.8.0:\n\n- Changes of 4.8.0:\n\n * Security issues fixed:\n\n + CVE-2023-37460: Avoid override target symlink by standard file in AbstractUnArchiver (bsc#1215973)\n\n * New features and improvements:\n\n + Added tzst alias for tar.zst archiver/unarchived\n\n * Bugs fixed:\n\n + Detect permissions for addFile\n\n * Maintenance:\n\n + Removed public modifier from JUnit 5 tests\n + Use https in scm/url\n + Removed junit-jupiter-engine from project dependencies\n + Removed parent and reports menu from site\n + Cleanup after 'veryLargeJar' test\n + Override project.url\n\n- Changes of 4.7.1:\n\n * Bugs fixed:\n\n + Don't apply umask on unknown perms (Win)\n\n- Changes of 4.7.0:\n\n * New features and improvements:\n\n + add umask support and use 022 in RB mode\n + Use NIO Files for creating temporary files\n + Deprecate the JAR Index feature (JDK-8302819)\n + Added Archiver aliases for tar.*\n\n * Maintenance:\n\n + Use JUnit TempDir to manage temporary files in tests\n + Override uId and gId for Tar in test\n + Bump maven-resources-plugin from 2.7 to 3.3.1\n\n- Changes of 4.6.3:\n\n * New features and improvements:\n\n + Fixed path traversal vulnerability\n The vulnerability affects only directories whose name begins\n with the same prefix as the destination directory. For example\n malicious archive may extract file in /opt/directory instead\n of /opt/dir.\n\n- Changes of 4.6.2:\n\n * Bugs fixed:\n\n + Fixed regression in handling symbolic links\n\n- Changes of 4.6.1:\n\n * Bugs fixed:\n\n + Normalize file separators before warning about equal archive entries\n\n- Changes of 4.6.0:\n\n * New features and improvements:\n\n + keep file/directory permissions in Reproducible Builds mode\n\n- Changes of 4.5.0:\n\n * New features and improvements:\n\n + Added zstd (un)archiver support\n\n * Bugs fixed:\n\n + Fixed UnArchiver#isOverwrite not working as expected\n\n- Changes of 4.4.0:\n\n * New features and improvements:\n\n + Drop legacy plexus API and use only JSR330 components\n\n- Changes of 4.3.0:\n\n * New features and improvements:\n\n + Require Java 8\n + Refactor to use FileTime API\n + Rename setTime method to setZipEntryTime\n + Convert InputStreamSupplier to lambdas\n\n * Bugs fixed:\n\n + Reproducible Builds not working when using modular jar\n\n- Changes of 4.2.7:\n\n * New features and improvements:\n\n + Respect order of META-INF/ and META-INF/MANIFEST.MF entries in a JAR file\n\n- Changes of 4.2.6:\n\n * New features and improvements:\n\n + FileInputStream, FileOutputStream, FileReader and FileWriter are no longer used\n + Code cleanup\n\n- Changes of 4.2.5:\n\n * New features and improvements:\n + Speed improvements\n\n * Bugs fixed:\n\n + Fixed use of a mismatching Unicode path extra field in zip unarchiving\n\n- Changes of 4.2.4:\n\n * Bugs fixed:\n\n + Fixed unjustified warning about casing for directory entries\n\n- Changes of 4.2.2:\n\n * Bugs fixed:\n\n + DirectoryArchiver fails for symlinks if a parent directory doesn't exist\n\nobjectweb-asm was updated to version 9.6:\n\n- Changes of version 9.6:\n\n * New Opcodes.V22 constant for Java 22\n\n * Bugs fixed:\n\n + Analyzer produces frames that have different locals than those detected by JRE bytecode verifier\n + Invalid stackmap generated when the instruction stream has new instruction after invokespecial to <init>\n + Analyzer can fail to catch thrown exceptions\n + `asm-analysis` Frame allocates an array unnecessarily inside `executeInvokeInsn`\n + Fixed bug in `CheckFrameAnalyzer` with static methods\n\n- Changes of version 9.5:\n\n * New Opcodes.V21 constant for Java 21\n * New readBytecodeInstructionOffset hook in ClassReader\n * Added more detailed exception messages\n * Javadoc improvements and fixes\n\n * Bugs fixed:\n\n + Silent removal of zero-valued entries from the line-number table\n\n- Changes of version 9.4:\n\n * Changes:\n\n + New Opcodes.V20 constant for Java 20\n + Added more checks in CheckClassAdapter\n + Javadoc improvements and fixes\n + `module-info` classes can be built without Gradle and Bnd\n + Parent POM updated to `org.ow2:ow2:1.5.1`\n\n * Bugs fixed:\n\n +`CheckClassAdapter` is no longer transparent for MAXLOCALS\n + Added public `getDelegate` method to all visitor classes\n + Analyzer does not compute optimal maxLocals for static methods\n + Fixed `SignatureWriter` when a generic type has a depth over 30\n + Skip remap inner class name if not changed in Remapper\n\nmaven-archiver was updated from version 3.5.0 to 3.6.1:\n\n- Changes of 3.6.1:\n\n * New Features:\n\n + Deprecated the JAR Index feature (JDK-8302819)\n\n * Task:\n\n + Refreshed download page\n + Prefer JDK features over plexus-utils, plexus-io\n\n- Changes of 3.6.0:\n\n * Task:\n\n + Require Java 8\n + Drop m-shared-utils from deps\n\nmaven-assembly-plugin was updated from version 3.3.0 to 3.6.0:\n\n- Changes of 3.6.0:\n\n * Bugs fixed:\n\n + finalName as readonly parameter makes common usecases very complicated\n + Symbolic links get copied with absolute path\n + Warning if using Maven 3.9.1\n + Minimal default Manifest configuration of jar archiver should be respected\n\n * New Features:\n\n + Support Zstandard compression format\n\n * Improvements:\n\n + In RB mode, apply 022 umask to ignore environment group write umask\n + Added system requirements history\n\n * Task:\n + Dropped deprecated repository element\n + Support running build on Java 20\n + Refresh download page\n + Cleanup declared dependencies\n + Avoid using deprecated methods of `plexus-archiver`\n\n- Changes of 3.5.0:\n\n * Bugs fixed:\n\n + File permissions removed during assembly:single since 3.2.0\n\n- Changes of 3.4.2:\n\n * Bugs fixed:\n\n + Fixed Excludes filtering\n\n * Task:\n\n + Fixed examples to refer to https instead of http\n\n- Changes of 3.4.1:\n\n * Bugs fixed:\n\n + Fixed error build with shared assemblies\n\n- Changes of 3.4.0:\n\n * Bugs fixed:\n\n + dependencySet includes filter with classifier breaks include of artifacts without classifier\n\n * Task:\n\n + Speed improvements\n + Update plugin (requires Maven 3.2.5+)\n + Assembly plugin resolves too much, even plugins used to build dependencies\n + Deprecated the repository element in assembly descriptor\n + Upgraded to Java 8, drop unused dependencies\n\nmaven-common-artifact-filters was updated from version 3.0.1 to 3.3.2:\n\n- Changes of 3.3.2:\n\n * Bugs fixed:\n\n + PatternIncludesArtifactFilters raising NPE for patterns w/ wildcards and artifactoid w/ null on any coordinate\n\n- Changes of 3.3.1:\n\n * Bugs fixed:\n\n + Pattern w/ 4 elements may be GATV or GATC\n\n- Changes of 3.3.0:\n\n * Bugs fixed:\n\n + null passed to DependencyFilter in EclipseAetherFilterTransformerTest\n + PatternIncludesArtifactFilter#include(Artifact)\n + Common Artifact Filters pattern parsing with classifier is broken\n\n * Task:\n\n + Sanitized dependencies\n + Upgraded to Maven Parent 36, to Maven 3.2.5, to Java 8 and clean up dependencies\n\n- Changes of 3.2.0:\n\n * Improvements:\n\n + Big speed improvements for patterns that do not contain any wildcard\n\n- Changes of 3.1.1:\n\n * Bugs fixed:\n\n + Updated JIRA URL for maven-common-artifact-filters\n\n * Improvements:\n\n + Made build Reproducible\n\n- Changes of 3.1.0:\n\n * Bugs fixed:\n\n + Several filters do not preserve order of artifacts filtered\n\nmaven-compiler-plugin was updated from version 3.10.1 to 3.11.0:\n\nChanges of 3.11.0:\n\n * New features and improvements:\n\n + Added a useModulePath switch to the testCompile mojo\n + Allow dependency exclusions for 'annotationProcessorPaths'\n + Use maven-resolver to resolve 'annotationProcessorPaths' dependencies\n + Upgrade plexus-compiler to improve compiling message\n + compileSourceRoots parameter should be writable\n + Change showWarnings to true by default\n + Warn about warn-config conflicting values\n + Update default source/target from 1.7 to 1.8\n + Display recompilation causes\n + Added some parameter to pattern from stale source calculation\n + Added dedicated option for implicit javac flag\n\n * Bugs fixed:\n\n + Fixed incorrect detection of dependency change\n + Test with Maven 3.9.0 and fix the failing IT\n + Resolved all annotation processor dependencies together\n + Defining maven.compiler.release as empty string ends with NumberFormatException in testCompileMojo\n + Fixed missing dirs in createMissingPackageInfoClasses\n + Set Xcludes in config passed to actual compiler\n\nmaven-dependency-analyzer was updated from version 1.10 to 1.13.2:\n\n- Changes of 1.13.2:\n\n * Changes and bugs fixed:\n\n + Made mvn dependency:analyze work with OpenJDK 11\n + Fixed jdk8 incompatibility at runtime (NoSuchMethodError)\n + Upgraded asm to 8.0.1\n + Use try with resources to avoid leaks\n + dependency:analyze recommends test scope for test-only artifacts that have non-test scope\n + remove reference to deprecated public mutable field\n + Updated JIRA URL\n + dependency:analyze should recommend narrower scope where possible\n + Remove dependency on jmock\n + Inline deprecated field\n + Added more JavaDoc\n + Handle different classes from same artifact used by model and test code\n + Included class names in used undeclared dependencies\n + Check maximum allowed Maven version\n + Get rid of maven-plugin-testing-tools for IT test\n + Require Maven 3.2.5+\n + Analyze project classes only once\n + Fixed array parsing\n + CONSTANT_METHOD_TYPE should not add to classes\n + Inner classes are in same compilation unit as container class\n + Upgraded Parent to 36\n + Cleanup IT tests\n + Replace Codehaus Plexus utils with java.nio.file.Files and Apache Commons\n + Fixed bug with 'non-test scoped test only dependencies found'\n + Bump asm from 9.4 to 9.5\n + Refresh download page\n + Upgrade Parent to 39\n + Build on JDK 19, 20\n + Prefer JDK classes to Plexus utils\n + Replaced System.out by logger\n + Fixed java.lang.RuntimeException: Unknown constant pool type\n + Switched to JUnit 5\n + Dependency improvements\n\nmaven-dependency-plugin was updated from version 3.1.2 to 3.6.0:\n\n- Changes in 3.6.0:\n\n * Bugs fixed:\n\n + Obsolete example of -Dverbose on web page\n + Unsupported verbose option still appears in docs\n + dependency:go-offline does not use repositories from parent pom in reactor build\n + Fixed possible NPE\n + `dependency:analyze-only` goal fails on OpenJDK 14\n + FileWriter and FileReader should be replaced\n + Dependency Plugin go-offline doesn't respect artifact classifier\n + analyze-only failed: Unsupported class file major version 60 (Java 16)\n + analyze-only failed: Unsupported class file major version 61 (Java 17)\n + copy-dependencies fails when using excludeScope=test\n + mvn dependency:analyze detected wrong transitive dependency\n + dependency plugin does not work with JDK 16\n + skip dependency analyze in ear packaging\n + Non-test dependency reported as Non-test scoped test only dependency\n + 'Dependency not found' with 3.2.0 and Java-17 while analyzing\n + Tree plugin does not terminate with 3.2.0\n + Minor improvement - continue\n + analyze-only failed: PermittedSubclasses requires ASM9\n + Broken Link to 'Introduction to Dependency Mechanism Page'\n + Sealed classes not supported\n + Dependency tree in verbose mode for war is empty\n + Javadoc was not updated to reflect that :tree's verbose option is now ok\n + error dependency:list (caused by postgresql dependency)\n + :list-classes does not skip if skip is set\n + :list-classes does not use GAV parameters\n\n * New Features:\n\n + Reintroduce the verbose option for dependency:tree\n + List classes in a given artifact\n + dependency:analyze should recommend narrower scope where possible\n + Added analyze parameter 'ignoreUnusedRuntime'\n + Allow ignoring non-test-scoped dependencies\n + Added a <stripType> option to unpack goals\n + Allow auto-ignore of all non-test scoped dependencies used only in test scope\n\n * Improvements:\n\n + Unused method o.a.m.p.d.t.TreeMojo.containsVersion\n + Minor improvements\n + GitHub Action build improvement\n + dependency:analyze should list the classes that cause a used undeclared dependency\n + Improve documentation of analyze - Non-test scoped\n + Turn warnings into errors instead of failOnWarning\n + maven-dependency-plugin should leverage plexus-build-api to support IDEs\n + TestListClassesMojo logs too much\n + Use outputDirectory from AbstractMavenReport\n + Removed not used dependencies / Replace parts\n + list-repositories - improvements\n + warns about depending on plexus-container-default\n + Replace AnalyzeReportView with a new AnalyzeReportRenderer\n\n * Task:\n\n + Removed no longer required exclusions\n + Java 1.8 as minimum\n + Explicitly start and end tables with Doxia Sinks in report renderers\n + Replace Maven shared StringUtils with Commons Lang3\n + Removed unused and ignored parameter - useJvmChmod\n + Removed custom plexus configuration\n + Code refactor - UnpackUtil\n + Refresh download page\n\nmaven-dependency-tree was updated from version 3.0.1 to 3.2.1:\n\n- Changes in 3.2.1:\n\n * Bugs fixed:\n\n + DependencyCollectorBuilder does not collect dependencies when artifact has 'war' packaging\n + Transitive provided dependencies are not removed from collected dependency graph\n\n * New Features:\n\n + DependencyCollectorBuilder more configurable\n\n * Improvements:\n\n + DependencyGraphBuilder does not provide verbose tree\n + DependencyGraphBuilders shouldn't need reactorProjects for resolving dependencies\n + Maven31DependencyGraphBuilder should not download dependencies other than the pom\n + Fixed `plexus-component-annotation` in line with `plexus-component-metadata`\n + Upgraded parent to 31\n + Added functionality to collect raw dependencies in Maven 3+\n + Annotate DependencyNodes with dependency management metadata\n + Require Java 8\n + Upgrade `org.eclipse.aether:aether-util` dependency in org.apache.maven.shared:maven-dependency-tree\n + Added Exclusions to DependencyNode\n + Made build Reproducible\n + Migrate plexus component to JSR-330\n + Drop maven 3.0 compatibility\n\n * Dependency upgrade:\n\n + Upgrade shared-component to version 33\n + Upgrade Parent to 36\n + Bump maven-shared-components from 36 to 37\n\n- Removed unnecessary dependency on xmvn tools and parent pom\n\nmaven-enforcer was updated to version 3.4.1:\n\n- Update to version 3.4.1:\n\n * Bugs fixed:\n\n + In a multi module project 'bannedDependencies' rule tries to resolve project artifacts from external repository\n + Require Release Dependencies ignorant about aggregator build\n + banDuplicatePomDependencyVersions does not check managementDependencies\n + Beanshell rule is not thread-safe\n + RequireSnapshotVersion not compatible with CI Friendly Versions (${revision})\n + NPE when using new <?m2e execute ?> syntax with maven-enforcer-plugin\n + Broken links on Maven Enforcer Plugin site\n + RequirePluginVersions not recognizing versions-from-properties\n + [REGRESSION] RequirePluginVersions fails when versions are inherited\n + requireFilesExist rule should be case sensitive\n + Broken Links on Project Home Page\n + TestRequireOS uses hamcrest via transitive dependency\n + plexus-container-default in enforcer-api is very outdated\n + classifier not included in output of failes RequireUpperBoundDeps test\n + Exclusions are not considered when looking at parent for requireReleaseDeps\n + requireUpperBoundDeps does not fail when packaging is 'war'\n + DependencyConvergence in 3.0.0 fails on provided scoped dependencies\n + NPE on requireReleaseDeps with non-matching includes\n + RequireUpperBoundDeps now follow scope provided transitive dependencies\n + Use currently build artifacts in IT tests\n + requireReleaseDeps does not support optional dependencies or runtime scope\n + Enforcer 3.0.0 breaks with Maven 3.8.4\n + Version 3.1.0 is not enforcing bannedDependencies rules\n + DependencyConvergence treats provided dependencies are runtime dependencies\n + Plugin shouldn't use NullPointerException for non-exceptional code flow\n + NPE in RequirePluginVersions\n + ReactorModuleConvergence not cached in reactor\n + RequireUpperBoundDeps fails on provided dependencies since 3.2.1\n + Problematic dependency resolution by new 'banDynamicVersions' rule\n + banTransitiveDependencies: failing if a transitive dependencies has another version than the resolved one\n + Filtering dependency tree by scope\n + Upgrading to 3.0.0 causes 'Could not build dependency tree' with repositories some unknown protocol\n + DependencyConvergence in 3.1.0 fails when using version ranges\n + Semantics of 'ignores' parameter of 'banDynamicVersions' is inverted\n + Omission of 'excludedScopes' parameter of 'banDynamicVersions' causes NPE\n + ENFORCER: plugin-info and mojo pages not found\n\n * New Features:\n\n + requireUpperBounds deps should have includes\n + Introduce RequireTextFileChecksum with line separator normalization\n + allow no rules\n + show rules processed\n + DependencyConvergence should support including/excluding certain dependencies\n + Support declaring external banned dependencies in an external file/URL\n + Maven enforcer rule which checks that all dependencies have an explicit scope set\n + Maven enforcer rule which checks that all dependencies in dependencyManagement don't have an explicit scope set\n + Rule for no version ranges, version placeholders or SNAPSHOT versions\n + Allow one of many files in RequireFiles rules to pass\n + Skip specific rules\n + New Enforcer API\n + New Enforcer API - RuleConfigProvider\n + Move Built-In Rules to new API\n\n * Improvements:\n\n + wildcard ignore in requireReleaseDeps\n + Improve documentation about writing own Enforcer Rule\n + RequireActiveProfile should respect inherited activated profiles\n + Upgrade maven-dependency-tree to 3.x\n + Improve dependency resolving in multiple modules project\n + requireUpperBoundDeps: add [<scope>] and colors to the output\n + Example for writing a custom rule should be upgraded\n + Along with JavaVersion, allow enforcement of the JavaVendor\n + Included Java vendor in display-info output\n + requireMavenVersion x.y.z is processed as (,x.y.z] instead of [x.y.z,)\n + Consistently format artifacts same as dependency:tree\n + Made build Reproducible\n + Added support for excludes/includes in requireJavaVendor rule\n + Introduce Maven Enforcer Extension\n + Extends RequirePluginVersions with banMavenDefaults\n + Shared GitHub Actions\n + Log at ERROR level when <fail> is set\n + Reuse getDependenciesToCheck results across rules\n + Violation messages can be really hard to find in a multi module project\n + Clarify class loading for custom Enforcer rules\n + Using junit jupiter bom instead of single artifacts.\n + Get rid of maven-dependency-tree dependency\n + Allow 8 as JDK version for requireJavaVersion\n + Improve error message for rule 'requireJavaVersion'\n + Include Java Home in Message for Java Rule Failures\n + Manage all Maven Core dependencies as provided\n + Mange rules configuration by plugin\n + Deprecate 'rules' property and introduce 'enforcer.rules' as a replacement\n + Change success message from executed to passed\n + EnforcerLogger: Provide isDebugEnabled(), isErrorEnabled(), isWarnEnabled() and isInfoEnabled()\n + Properly declare dependencies\n\n * Test:\n\n + Regression test for dependency convergence problem fixed in 3.0.0\n\n * Task:\n\n + Removed reference to travis or switch to travis.com\n + Fixed maven assembly links\n + Require Java 8\n + Verify working with Maven 4\n + Code cleanup\n + Refresh download page\n + Deprecate display-info mojo\n + Refresh site descriptors\n + Superfluous blanks in BanDuplicatePomDependencyVersions\n + Rename ResolveUtil to ResolverUtil\n\n maven-plugin-tools was updated from version 3.6.0 to version 3.9.0:\n\n - Changes of version 3.9.0:\n\n * Bugs fixed:\n\n + Fixed *-mojo.xml (in PluginXdocGenerator) is overwritten when multiple locales are defined\n + Generated table by PluginXdocGenerator does not contain default attributes\n\n * Improvements:\n\n + Omit empty line in generated help goal output if plugin description is empty\n + Use Plexus I18N rather than fiddling with\n\n * Task:\n\n + Removed reporting from maven-plugin-plugin: create maven-plugin-report-plugin\n\n * Dependency upgrade:\n\n + Upgrade plugins and components (in ITs)\n\n- Changes of version 3.8.2:\n\n * Improvements:\n\n + Used Resolver API, get rid of localRepository\n\n * Dependency upgrade:\n\n + Bump httpcore from 4.4.15 to 4.4.16\n + Bump httpclient from 4.5.13 to 4.5.14\n + Bump antVersion from 1.10.12 to 1.10.13\n + Bump slf4jVersion from 1.7.5 to 1.7.36\n + Bump plexus-java from 1.1.1 to 1.1.2\n + Bump plexus-archiver from 4.6.1 to 4.6.3\n + Bump jsoup from 1.15.3 to 1.15.4\n + Bump asmVersion from 9.4 to 9.5\n + Bump assertj-core from 3.23.1 to 3.24.2\n\n- Changes of version 3.8.1:\n\n * Bugs fixed:\n\n + Javadoc reference containing a link label with spaces are not detected\n + JavadocLinkGenerator.createLink: Support nested binary class names\n + ERROR during build of m-plugin-report-p and m-plugin-p: Dependencies in wrong scope\n + 'Executes as an aggregator plugin' documentation: s/plugin/goal/\n + Maven scope warning should be logged at WARN level\n + Fixed Temporary File Information Disclosure Vulnerability\n\n * New features:\n\n + Support mojos using the new maven v4 api\n\n * Improvements:\n\n + Plugin descriptor should contain the requiredJavaVersion/requiredMavenVersion\n + Execute annotation only supports standard lifecycle phases due to use of enum\n + Clarify deprecation of all extractors but the maven-plugin-tools-annotations\n\n * Dependency upgrade:\n\n + Update to Maven Parent POM 39\n + Bump junit-bom from 5.9.1 to 5.9.2\n + Bump plexus-archiver from 4.5.0 to 4.6.1\n\n- Changes of version 3.7.1:\n * Bugs fixed:\n\n + Maven scope warning should be logged at WARN level\n\n- Changes of version 3.7.0:\n\n * Bugs fixed:\n\n + The plugin descriptor generated by plugin:descriptor does not consider @ see javadoc taglets\n + Report-Mojo doesn't respect input encoding\n + Generating site reports for plugin results in\n NoSuchMethodError\n + JDK Requirements in plugin-info.html: Consider property 'maven.compiler.release'\n + Parameters documentation inheriting @ since from Mojo can be confusing\n + Don't emit warning for missing javadoc URL of primitives\n + Don't emit warning for missing javadoc URI if no javadoc sources are configured\n + Parameter description should be taken from annotated item\n\n * New Features:\n\n + Added link to javadoc in configuration description page for user defined types of Mojos.\n + Allow only @ Deprecated annotation without @ deprecated javadoc tag\n + add system requirements history section\n + report: allow to generate usage section in plugin-info.html with true\n + Allow @ Parameter on setters methods\n + Extract plugin report into its own plugin\n + report: Expose generics information of Collection and Map types\n\n * Improvement:\n\n + plugin-info.html should contain a better Usage section\n + Do not overwrite generate files with no content change\n + Upgrade to JUnit 5 and @ Inject annotations\n + Support for java 20 - ASM 9.4\n + Don't print empty Memory, Disk Space in System Requirements\n + simplification in helpmojo build\n + Get rid of plexus-compiler-manager from tests\n + Use Maven core artifacts in provided scope\n + report and descriptor goal need to evaluate Javadoc comments differently\n + Allow to reference aggregator javadoc from plugin report\n\n * Task:\n\n + Detect legacy/javadoc Mojo definitions, warn to use Java 5 annotations\n + Update level to Java 8\n + Deprecate scripting support for mojos\n + Deprecate requirements parameter in report Mojo\n + Removed duplicate code from PluginReport\n + Prepare for Doxia (Sitetools) 2.0.0\n + Fixed documentation for maven-plugin-report-plugin\n + Removed deprecated items from new maven-plugin-report-plugin\n + Improve site build\n + Improve dependency management\n + Plugin generator generation fails when the parent class comes from a different project\n\n * Dependency upgrade:\n\n + Upgrade Maven Reporting API/Impl to 3.1.0\n + Upgrade Parent to 36\n + Upgrade project dependencies after JDK 1.8\n + Bump maven-parent from 36 to 37\n + Upgrade Maven Reporting API to 3.1.1/Maven Reporting Impl to 3.2.0\n + Upgrade plexus-utils to 3.5.0\n\n- Changes of version 3.6.4:\n\n * Restored compatibility with Maven 3 ecosystem\n * Upgraded dependencies\n\n- Changes of version 3.6.3:\n\n * Added prerequisites to plugin pom\n * Exclude dependency in provided scope from plugin descriptor\n * Get rid of String.format use\n * Fixed this logging as well\n * Simplify documentation\n * Exclude maven-archiver and maven-jxr from warning\n\n- Changes of version 3.6.2:\n\n * Deprecated unused requiresReports flag\n * Check that Maven dependencies are provided scope\n * Update ITs\n * Use shared gh action\n * Deprecate unsupported Mojo descriptor items\n * Weed out ITs\n * Upgrade to maven 3.x and avoid using deprecated API\n * Drop legacy dependencies\n * Use shared gh action - v1\n * Fixed wording in javadoc\n\n- Changes of version 3.6.1:\n\n * What's Changed:\n * Added missing @OverRide and make methods static\n * Upgraded to JUnit 4.12\n * Upgraded parent POM and other dependencies\n * Updated plugins\n * Upgraded Doxia Sitetools to 1.9.2 to remove dependency on Struts\n * removed Maven 2 info\n * Removed unneeded dependency\n * Tighten the dependency tree\n * Ignore .checkstyle\n * Strict dependencies for maven-plugin-tools-annotations\n * Improved @execute(goal...) docs\n * Improve @execute(lifecycle...) docs\n\nplexus-compiler was updated from version 2.11.1 to 2.14.2:\n\n- Changes of 2.14.2:\n\n * Removed:\n\n + Drop J2ObjC compiler\n\n * New features and improvements:\n\n + Update AspectJ Compiler to 1.9.21 to support Java 21\n + Require JDK 17 for build\n + Improve locking on JavacCompiler\n + Include 'parameter' and 'preview' describe log\n + Switch to SISU annotations and plugin, fixes #217\n + Support jdk 21\n + Require Maven 3.5.4+\n + Require Java 11 for plexus-compiler-eclipse an\n javac-errorprone and aspectj compilers\n + Added support to run its with Java 20\n\n * Bugs fixed:\n\n + Fixed javac memory leak\n + Validate zip file names before extracting (Zip Slip)\n + Restore AbstractCompiler#getLogger() method\n + Return empty list for not existing source root location\n + Improve javac error output parsing\n\n- Changes of 2.13.0:\n\n * New features and improvements:\n\n + Fully ignore any possible jdk bug\n + MCOMPILER-402: Added implicitOption to CompilerConfiguration\n + Added a custom compile argument\n replaceProcessorPathWithProcessorModulePath to force the\n plugin replace processorPath with processormodulepath\n + describe compiler configuration on run\n + simplify 'Compiling' info message: display relative path\n\n * Bugs fixed:\n\n + Respect CompilerConfiguration.sourceFiles in\n EclipseJavaCompiler\n + Avoid NPE in AspectJCompilerTest on AspectJ 1.9.8+\n\n * Dependency updates:\n\n + Bump maven-surefire-plugin from 3.0.0-M5 to 3.0.0-M6\n + Bump error_prone_core from 2.11.0 to 2.13.1\n + Bump github/codeql-action from 1 to 2\n + Bump ecj from 3.28.0 to 3.29.0\n + Bump release-drafter/release-drafter from 5.18.1 to 5.19.0\n + Bump ecj from 3.29.0 to 3.30.0\n + Bump maven-invoker-plugin from 3.2.2 to 3.3.0\n + Bump maven-enforcer-plugin from 3.0.0 to 3.1.0\n + Bump error_prone_core from 2.13.1 to 2.14.0\n + Bump maven-surefire-plugin from 3.0.0-M6 to 3.0.0-M7\n + Bump ecj from 3.31.0 to 3.32.0\n + Bump junit-bom from 5.9.0 to 5.9.1\n + Bump ecj from 3.30.0 to 3.31.0\n + Bump groovy from 3.0.12 to 3.0.13\n + Bump groovy-json from 3.0.12 to 3.0.13\n + Bump groovy-xml from 3.0.12 to 3.0.13\n + Bump animal-sniffer-maven-plugin from 1.21 to 1.22\n + Bump error_prone_core from 2.14.0 to 2.15.0\n + Bump junit-bom from 5.8.2 to 5.9.0\n + Bump groovy-xml from 3.0.11 to 3.0.12\n + Bump groovy-json from 3.0.11 to 3.0.12\n + Bump groovy from 3.0.11 to 3.0.12\n\n * Maintenance:\n\n + Require Maven 3.2.5\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-560,SUSE-SLE-Module-Basesystem-15-SP5-2024-560,SUSE-SLE-Module-Development-Tools-15-SP5-2024-560,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-560,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-560,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-560,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-560,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-560,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-560,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-560,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-560,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-560,SUSE-Storage-7.1-2024-560,openSUSE-SLE-15.5-2024-560", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2024_0560-1.json", }, { category: "self", summary: "URL for SUSE-RU-2024:0560-1", url: "https://www.suse.com/support/update/announcement//suse-ru-20240560-1/", }, { category: "self", summary: "E-Mail link for SUSE-RU-2024:0560-1", url: "https://lists.suse.com/pipermail/sle-updates/2024-February/034327.html", }, { category: "self", summary: "SUSE Bug 1215973", url: "https://bugzilla.suse.com/1215973", }, { category: "self", summary: "SUSE CVE CVE-2023-37460 page", url: "https://www.suse.com/security/cve/CVE-2023-37460/", }, ], title: "Recommended update for Java", tracking: { current_release_date: "2024-02-21T04:34:23Z", generator: { date: "2024-02-21T04:34:23Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-RU-2024:0560-1", initial_release_date: "2024-02-21T04:34:23Z", revision_history: [ { date: "2024-02-21T04:34:23Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "maven-archiver-3.6.1-150200.3.7.3.noarch", product: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch", product_id: "maven-archiver-3.6.1-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", product: { name: "maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", product_id: "maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", product: { name: "maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", product_id: "maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", product: { name: "maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", product_id: "maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", product: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", product_id: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", product: { name: "maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", product_id: "maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", product: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", product_id: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, }, { category: "product_version", name: "maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", product: { name: "maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", product_id: "maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", }, }, { category: "product_version", name: "maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", product: { name: "maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", product_id: "maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", }, }, { category: "product_version", name: "maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", product: { name: "maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", product_id: "maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", product: { name: "maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", product_id: "maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", product: { name: "maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", product_id: "maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", product: { name: "maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", product_id: "maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-dependency-tree-3.2.1-150200.3.7.2.noarch", product: { name: "maven-dependency-tree-3.2.1-150200.3.7.2.noarch", product_id: "maven-dependency-tree-3.2.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", product: { name: "maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", product_id: "maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-api-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-api-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-api-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-extension-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-extension-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-extension-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", product: { name: "maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", product_id: "maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", }, }, { category: "product_version", name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", product: { name: "maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", product_id: "maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", }, }, { category: "product_version", name: "maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", product: { name: "maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", product_id: "maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", }, }, { category: "product_version", name: "maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", product: { name: "maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", product_id: "maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", product: { name: "maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", product_id: "maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-script-ant-3.9.0-150200.3.7.3.noarch", product: { name: "maven-script-ant-3.9.0-150200.3.7.3.noarch", product_id: "maven-script-ant-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "maven-script-beanshell-3.9.0-150200.3.7.3.noarch", product: { name: "maven-script-beanshell-3.9.0-150200.3.7.3.noarch", product_id: "maven-script-beanshell-3.9.0-150200.3.7.3.noarch", }, }, { category: "product_version", name: "objectweb-asm-9.6-150200.3.11.3.noarch", product: { name: "objectweb-asm-9.6-150200.3.11.3.noarch", product_id: "objectweb-asm-9.6-150200.3.11.3.noarch", }, }, { category: "product_version", name: "objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", product: { name: "objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", product_id: "objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", }, }, { category: "product_version", name: "plexus-archiver-4.8.0-150200.3.7.2.noarch", product: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch", product_id: "plexus-archiver-4.8.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", product: { name: "plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", product_id: "plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", }, }, { category: "product_version", name: "plexus-compiler-2.14.2-150200.3.9.2.noarch", product: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch", product_id: "plexus-compiler-2.14.2-150200.3.9.2.noarch", }, }, { category: "product_version", name: "plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", product: { name: "plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", product_id: "plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", }, }, { category: "product_version", name: "plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", product: { name: "plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", product_id: "plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp5", }, }, }, { category: "product_name", name: "SUSE Manager Server Module 4.3", product: { name: "SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-suse-manager-server:4.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp4", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 4.3", product: { name: "SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.3", product: { name: "SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.3", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 7.1", product: { name: "SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1", product_identification_helper: { cpe: "cpe:/o:suse:ses:7.1", }, }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Manager Server Module 4.3", product_id: "SUSE Manager Server Module 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Manager Server Module 4.3", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP3", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Manager Server 4.3", product_id: "SUSE Manager Server 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Manager Server 4.3", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of SUSE Enterprise Storage 7.1", product_id: "SUSE Enterprise Storage 7.1:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "SUSE Enterprise Storage 7.1", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-3.6.1-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-archiver-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", }, product_reference: "maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-assembly-plugin-3.6.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", }, product_reference: "maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", }, product_reference: "maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", }, product_reference: "maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", }, product_reference: "maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", }, product_reference: "maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", }, product_reference: "maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-plugin-3.6.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", }, product_reference: "maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", }, product_reference: "maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-tree-3.2.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-tree-3.2.1-150200.3.7.2.noarch", }, product_reference: "maven-dependency-tree-3.2.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", }, product_reference: "maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-enforcer-3.4.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-enforcer-3.4.1-150200.3.7.2.noarch", }, product_reference: "maven-enforcer-3.4.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-enforcer-api-3.4.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-enforcer-api-3.4.1-150200.3.7.2.noarch", }, product_reference: "maven-enforcer-api-3.4.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", }, product_reference: "maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", }, product_reference: "maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-enforcer-rules-3.4.1-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", }, product_reference: "maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-plugin-3.9.0-150200.3.7.5.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", }, product_reference: "maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", }, product_reference: "maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", }, product_reference: "maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-script-ant-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-script-ant-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-script-ant-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "maven-script-beanshell-3.9.0-150200.3.7.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:maven-script-beanshell-3.9.0-150200.3.7.3.noarch", }, product_reference: "maven-script-beanshell-3.9.0-150200.3.7.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-9.6-150200.3.11.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:objectweb-asm-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-9.6-150200.3.11.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "objectweb-asm-javadoc-9.6-150200.3.11.3.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", }, product_reference: "objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-4.8.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:plexus-archiver-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", }, product_reference: "plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-2.14.2-150200.3.9.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:plexus-compiler-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-extras-2.14.2-150200.3.9.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", }, product_reference: "plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-37460", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-37460", }, ], notes: [ { category: "general", text: "Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist - the `resolveFile()` function will return the symlink's source instead of its target, which will pass the verification that ensures the file will not be extracted outside of the destination directory. Later `Files.newOutputStream()`, that follows symlinks by default, will actually write the entry's content to the symlink's target. Whoever uses plexus archiver to extract an untrusted archive is vulnerable to an arbitrary file creation and possibly remote code execution. Version 4.8.0 contains a patch for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 7.1:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Enterprise Storage 7.1:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Enterprise Storage 7.1:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Enterprise Storage 7.1:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP5:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Manager Proxy 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server Module 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:maven-archiver-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-api-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", ], }, references: [ { category: "external", summary: "CVE-2023-37460", url: "https://www.suse.com/security/cve/CVE-2023-37460", }, { category: "external", summary: "SUSE Bug 1215973 for CVE-2023-37460", url: "https://bugzilla.suse.com/1215973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 7.1:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Enterprise Storage 7.1:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Enterprise Storage 7.1:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Enterprise Storage 7.1:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP5:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Manager Proxy 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server Module 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:maven-archiver-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-api-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Enterprise Storage 7.1:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Enterprise Storage 7.1:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Enterprise Storage 7.1:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Enterprise Storage 7.1:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Enterprise Storage 7.1:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP5:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP2-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP3-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server 15 SP4-LTSS:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP3:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-archiver-3.6.1-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-archiver-4.8.0-150200.3.7.2.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:plexus-compiler-2.14.2-150200.3.9.2.noarch", "SUSE Manager Proxy 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "SUSE Manager Server Module 4.3:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:maven-archiver-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-archiver-javadoc-3.6.1-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-assembly-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-common-artifact-filters-javadoc-3.3.2-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-bootstrap-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-compiler-plugin-javadoc-3.11.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-analyzer-javadoc-1.13.2-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-plugin-javadoc-3.6.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-dependency-tree-javadoc-3.2.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-api-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-javadoc-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-plugin-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-enforcer-rules-3.4.1-150200.3.7.2.noarch", "openSUSE Leap 15.5:maven-plugin-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-bootstrap-3.9.0-150200.3.7.1.noarch", "openSUSE Leap 15.5:maven-plugin-plugin-javadoc-3.9.0-150200.3.7.5.noarch", "openSUSE Leap 15.5:maven-plugin-tools-annotations-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-api-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-generators-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-java-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-javadoc-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-plugin-tools-model-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-ant-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:maven-script-beanshell-3.9.0-150200.3.7.3.noarch", "openSUSE Leap 15.5:objectweb-asm-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:objectweb-asm-javadoc-9.6-150200.3.11.3.noarch", "openSUSE Leap 15.5:plexus-archiver-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-archiver-javadoc-4.8.0-150200.3.7.2.noarch", "openSUSE Leap 15.5:plexus-compiler-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-extras-2.14.2-150200.3.9.2.noarch", "openSUSE Leap 15.5:plexus-compiler-javadoc-2.14.2-150200.3.9.2.noarch", ], }, ], threats: [ { category: "impact", date: "2024-02-21T04:34:23Z", details: "important", }, ], title: "CVE-2023-37460", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.