dev@archiva.apache.org, 2022-11

You are viewing a plain text version of this content. The canonical link for it is here.

- [GitHub] [archiva-redback-components] dependabot[bot] opened a new pull request, #8: Bump commons-collections from 3.2 to 3.2.2 in /spring-cache/spring-cache-providers/spring-cache-ehcache - posted by GitBox <gi...@apache.org> on 2022/11/03 23:22:56 UTC, 0 replies.
- [GitHub] [archiva-redback-components] dependabot[bot] opened a new pull request, #9: Bump commons-collections from 3.2.1 to 3.2.2 in /modello-plugins/modello-plugin-redback-registry - posted by GitBox <gi...@apache.org> on 2022/11/03 23:52:15 UTC, 0 replies.
- [GitHub] [archiva-redback-components] dependabot[bot] opened a new pull request, #10: Bump commons-collections from 3.2.1 to 3.2.2 in /spring-registry/spring-registry-commons - posted by GitBox <gi...@apache.org> on 2022/11/03 23:52:23 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] opened a new pull request, #41: Bump ehcache from 3.9.9 to 3.10.3 - posted by GitBox <gi...@apache.org> on 2022/11/09 17:07:18 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] commented on pull request #40: Bump ehcache from 3.9.9 to 3.10.2 - posted by GitBox <gi...@apache.org> on 2022/11/09 17:07:20 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] closed pull request #40: Bump ehcache from 3.9.9 to 3.10.2 - posted by GitBox <gi...@apache.org> on 2022/11/09 17:07:21 UTC, 0 replies.
- [GitHub] [archiva-parent] dependabot[bot] opened a new pull request, #89: Bump swagger-codegen-maven-plugin from 3.0.34 to 3.0.36 - posted by GitBox <gi...@apache.org> on 2022/11/14 12:05:25 UTC, 0 replies.
- [GitHub] [archiva-parent] dependabot[bot] commented on pull request #83: Bump swagger-codegen-maven-plugin from 3.0.34 to 3.0.35 - posted by GitBox <gi...@apache.org> on 2022/11/14 12:05:27 UTC, 0 replies.
- [GitHub] [archiva-parent] dependabot[bot] closed pull request #83: Bump swagger-codegen-maven-plugin from 3.0.34 to 3.0.35 - posted by GitBox <gi...@apache.org> on 2022/11/14 12:05:28 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] opened a new pull request, #87: Bump modernizer-maven-plugin from 1.9.0 to 2.5.0 - posted by GitBox <gi...@apache.org> on 2022/11/14 16:24:13 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] commented on pull request #57: Bump modernizer-maven-plugin from 1.9.0 to 2.4.0 - posted by GitBox <gi...@apache.org> on 2022/11/14 16:24:16 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] closed pull request #57: Bump modernizer-maven-plugin from 1.9.0 to 2.4.0 - posted by GitBox <gi...@apache.org> on 2022/11/14 16:24:17 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] opened a new pull request, #42: Bump ehcache from 3.9.9 to 3.10.4 - posted by GitBox <gi...@apache.org> on 2022/11/14 17:10:16 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] commented on pull request #41: Bump ehcache from 3.9.9 to 3.10.3 - posted by GitBox <gi...@apache.org> on 2022/11/14 17:10:19 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] closed pull request #41: Bump ehcache from 3.9.9 to 3.10.3 - posted by GitBox <gi...@apache.org> on 2022/11/14 17:10:20 UTC, 0 replies.
- [GitHub] [archiva-redback-components] dependabot[bot] opened a new pull request, #11: Bump spring-web from 4.1.4.RELEASE to 4.2.7.RELEASE in /redback-components-parent - posted by GitBox <gi...@apache.org> on 2022/11/14 21:21:27 UTC, 0 replies.
- CVE-2022-40308: Apache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files - posted by Olivier Lamy <ol...@apache.org> on 2022/11/15 11:35:42 UTC, 0 replies.
- CVE-2022-40309: Apache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories - posted by Olivier Lamy <ol...@apache.org> on 2022/11/15 11:35:59 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] opened a new pull request, #88: Bump jackson-databind from 2.12.1 to 2.12.7.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:51:39 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] commented on pull request #83: Bump jackson-databind from 2.12.1 to 2.13.4.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:51:41 UTC, 0 replies.
- [GitHub] [archiva-redback-core] dependabot[bot] closed pull request #83: Bump jackson-databind from 2.12.1 to 2.13.4.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:51:42 UTC, 0 replies.
- [GitHub] [archiva] dependabot[bot] opened a new pull request, #130: Bump jackson-databind from 2.12.2 to 2.12.7.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:52:42 UTC, 0 replies.
- [GitHub] [archiva] dependabot[bot] commented on pull request #128: Bump jackson-databind from 2.12.2 to 2.13.4.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:52:44 UTC, 0 replies.
- [GitHub] [archiva] dependabot[bot] closed pull request #128: Bump jackson-databind from 2.12.2 to 2.13.4.1 - posted by GitBox <gi...@apache.org> on 2022/11/16 02:52:45 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] opened a new pull request, #43: Bump ehcache from 3.9.9 to 3.10.6 - posted by GitBox <gi...@apache.org> on 2022/11/17 17:11:37 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] commented on pull request #42: Bump ehcache from 3.9.9 to 3.10.4 - posted by GitBox <gi...@apache.org> on 2022/11/17 17:11:39 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] closed pull request #42: Bump ehcache from 3.9.9 to 3.10.4 - posted by GitBox <gi...@apache.org> on 2022/11/17 17:11:41 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] opened a new pull request, #44: Bump ehcache from 3.9.9 to 3.10.8 - posted by GitBox <gi...@apache.org> on 2022/11/21 17:31:34 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] commented on pull request #43: Bump ehcache from 3.9.9 to 3.10.6 - posted by GitBox <gi...@apache.org> on 2022/11/21 17:31:36 UTC, 0 replies.
- [GitHub] [archiva-components] dependabot[bot] closed pull request #43: Bump ehcache from 3.9.9 to 3.10.6 - posted by GitBox <gi...@apache.org> on 2022/11/21 17:31:37 UTC, 0 replies.