devel/maven: update to 3.8.1
ClosedPublic
Actions

Authored by kbowling on Apr 19 2021, 6:06 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Dec 27 2024, 6:58 PM

	Unknown Object (File)
	Sep 17 2024, 9:28 PM

	Unknown Object (File)
	Sep 8 2024, 12:10 AM

	Unknown Object (File)
	Feb 12 2024, 4:24 PM

	Unknown Object (File)
	Dec 21 2023, 7:07 PM

	Unknown Object (File)
	Dec 20 2023, 8:38 AM

	Unknown Object (File)
	Nov 10 2023, 9:51 PM

	Unknown Object (File)
	Nov 8 2023, 9:55 PM

View All 14 Files

Subscribers

None

Details

Reviewers

bapt
mat

Summary

MFH to 2021Q2 of 887cfadcdf5e without the vuxml bits

Author: Kevin Bowling <kbowling@FreeBSD.org>
Date: Mon Apr 19 11:00:15 2021 -0700

devel/maven: update to 3.8.1

This is not just a bugfix as it contains three features that cause a change of
default behavior (external HTTP insecure URLs are now blocked by default): your
builds may fail when using this new Maven release, if you use now blocked
repositories. Please check and eventually fix before upgrading.

Changes http://maven.apache.org/docs/3.8.1/release-notes.html

PR:             255161
Approved by:    Jonathan Chen <jonc@chen.org.nz> (maintainer)
Security:       CVE-2021-26291
                CVE-2020-13956

(cherry picked from commit 887cfadcdf5e7ce9a33ef83ee6ee7b63ff855830)