Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Fedora 32: 2020-cf8ef2f333 Moderate: Eclipse Double Release Issue

fedora
Calendar Grey August 31, 2020
Dist Fedora Esm H88
The latest Fedora 32 update for Eclipse brings in upstream enhancements and addresses vulnerabilities related to sensitive data leakage.
Updates to the latest upstream release of Eclipse

Summary

The Eclipse platform is designed for building integrated development

environments (IDEs), server-side applications, desktop applications, and

everything in between.

Updates to the latest upstream release of Eclipse. See the upstream release

notes for details: https://eclipseide.org/release/noteworthy/ Also

contains security fixes for CVE-2019-17566 and CVE-2019-17638.

* Fri Aug 21 2020 Mat Booth - 1:4.16-11

- Rebuild with a dependency on obsolete log4j package

- Run mvn_install with Java 11

* Wed Aug 19 2020 Mat Booth - 1:4.16-10

- Rebuild against jakarta servlet API and updated batik

- Update eclipse-build snapshot

* Fri Aug 14 2020 Mat Booth - 1:4.16-9

- Restore explicit glassfish-annotation-api dep

* Fri Aug 14 2020 Mat Booth - 1:4.16-8

- Rebuild for new jetty version

* Mon Jul 27 2020 Fedora Release Engineering - 1:4.16-7

- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Tue Jul 21 2020 Mat Booth - 1:4.16-6

- Require Java 11 explicitly

- Drop hotspot exclusions from the JDK 6 era

* Fri Jul 10 2020 Jiri Vanek - 1:4.16-5

- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11

* Mon Jun 29 2020 Mat Booth - 1:4.16-4

- Update linux-build snapshot and fix adding junit classpath containers to java

projects

* Tue Jun 23 2020 Mat Booth - 1:4.16-3

- Make a bit more portable and fix bootstrap mode

* Fri Jun 19 2020 Mat Booth - 1:4.16-2

- Non-bootstrap build

* Thu Jun 18 2020 Mat Booth - 1:4.16-1

- Update to latest upstream release

* Thu Apr 2 2020 Mat Booth - 1:4.15-5

- Make the requirement on felix-scr more strict

* Thu Apr 2 2020 Mat Booth - 1:4.15-4

- Allow library detector to build on Java 11

* Sun Mar 29 2020 Mat Booth - 1:4.15-3

- Don't build and ship the test framework. We are not shipping any actual tests

anyway and this allows to drop the dependency on mockito and friends.

* Mon Mar 23 2020 Mat Booth - 1:4.15-2

- Set compiler release to Java 8 on certain bundles

* Sat Mar 21 2020 Mat Booth - 1:4.15-1

- Update to latest upstream release

[ 1 ] Bug #1848617 - CVE-2019-17566 batik: SSRF via "xlink:href"

https://bugzilla.redhat.com/show_bug.cgi?id=1848617

[ 2 ] Bug #1864680 - CVE-2019-17638 jetty: double release of resource can lead to information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1864680

su -c 'dnf upgrade --advisory FEDORA-2020-cf8ef2f333' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Product: Fedora 32
Version: 4.16
Release: 11.fc32
Summary: An open, extensible IDE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.