update security page Signed-off-by: Olivier Lamy <olamy@apache.org>

commit: 3cb3e6218538f3d76f613be128eee24d5c3ad318 [log] [tgz]
author: Olivier Lamy <olamy@apache.org> Tue May 31 20:40:35 2022 +1000
committer: Olivier Lamy <olamy@apache.org> Tue May 31 20:40:35 2022 +1000
tree: 69edb8146e2683627569246d37e98ba9e97090fb
parent: 619d481beffa4925ec8139465565a414e1d96583 [diff]
diff --git a/src/site/apt/security.apt b/src/site/apt/security.apt
index 3b6a113..775a2d5 100644
--- a/src/site/apt/security.apt
+++ b/src/site/apt/security.apt

@@ -36,6 +36,8 @@
 
 %{toc|fromDepth=2|toDepth=2}
 
+* {CVE-2022-29405}:  Apache Archiva Arbitrary user password reset vulnerability
+
 * {CVE-2021-45105}: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation
 
   This may be used by attackers, if users changed the default Archiva log4j2.xml configuration.
commit	3cb3e6218538f3d76f613be128eee24d5c3ad318	[log] [tgz]
author	Olivier Lamy <olamy@apache.org>	Tue May 31 20:40:35 2022 +1000
committer	Olivier Lamy <olamy@apache.org>	Tue May 31 20:40:35 2022 +1000
tree	69edb8146e2683627569246d37e98ba9e97090fb
parent	619d481beffa4925ec8139465565a414e1d96583 [diff]