diff --git a/apache-ivy-2.5.1-src.tar.gz b/apache-ivy-2.5.1-src.tar.gz deleted file mode 100644 index 510dfe5..0000000 --- a/apache-ivy-2.5.1-src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:41c9aa4263d6c0564e9d8bcc4ef4dedb0dd72fd2e5324c6b7f23267bba432076 -size 2725262 diff --git a/apache-ivy-2.5.2-src.tar.gz b/apache-ivy-2.5.2-src.tar.gz new file mode 100644 index 0000000..eb20fec --- /dev/null +++ b/apache-ivy-2.5.2-src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e06edd472268dbf200c19d16fa595e095837cbac4a7bf29c147c301a0a1b0713 +size 2728835 diff --git a/apache-ivy.changes b/apache-ivy.changes index c513e18..b5c5838 100644 --- a/apache-ivy.changes +++ b/apache-ivy.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Mon Aug 21 23:30:17 UTC 2023 - Fridrich Strba + +- Upgrade to version 2.5.2 (bsc#1214422) + * Fixes: + + ivy:retrieve could fail because of a 'NullPointerException' + (jira:IVY-1641[]) + + reading POMs may loose dependencies when multiple Maven + dependencies only differ in 'classifier' (jira:IVY-1642[]) + + CVE-2022-46751: Apache Ivy Is Vulnerable to XML External + Entity Injections + ------------------------------------------------------------------- Mon Nov 7 08:10:54 UTC 2022 - David Anes diff --git a/apache-ivy.spec b/apache-ivy.spec index b4ebd96..631f6ce 100644 --- a/apache-ivy.spec +++ b/apache-ivy.spec @@ -1,7 +1,7 @@ # # spec file for package apache-ivy # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ %bcond_without sftp %bcond_without vfs Name: apache-ivy -Version: 2.5.1 +Version: 2.5.2 Release: 0 Summary: Java-based dependency manager License: Apache-2.0 diff --git a/ivy-2.5.1.pom b/ivy-2.5.2.pom similarity index 95% rename from ivy-2.5.1.pom rename to ivy-2.5.2.pom index b2d4d04..0544924 100644 --- a/ivy-2.5.1.pom +++ b/ivy-2.5.2.pom @@ -28,7 +28,7 @@ org.apache.ivy ivy - 2.5.1 + 2.5.2 Apache Ivy http://ant.apache.org/ivy/ @@ -60,13 +60,13 @@ org.apache.ant ant - 1.9.14 + 1.9.16 true org.apache.httpcomponents httpclient - 4.5.10 + 4.5.13 true @@ -108,19 +108,19 @@ org.bouncycastle bcpg-jdk15on - 1.64 + 1.70 true org.bouncycastle bcprov-jdk15on - 1.64 + 1.70 true junit junit - 4.12 + 4.13.2 test @@ -138,7 +138,7 @@ org.apache.ant ant-testutil - 1.9.14 + 1.9.16 test @@ -150,7 +150,7 @@ org.apache.ant ant-launcher - 1.9.14 + 1.9.16 test @@ -162,7 +162,7 @@ org.apache.ant ant-junit - 1.9.14 + 1.9.16 test @@ -174,7 +174,7 @@ org.apache.ant ant-junit4 - 1.9.14 + 1.9.16 test