--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2020-cf8ef2f333
2020-08-31 15:48:37.485399
--------------------------------------------------------------------------------Name        : eclipse-m2e-core
Product     : Fedora 32
Version     : 1.16.1
Release     : 1.fc32
URL         : https://eclipse.dev/m2e/
Summary     : Maven integration for Eclipse
Description :
The goal of the m2ec project is to provide a first-class Apache Maven support
in the Eclipse IDE, making it easier to edit Maven's pom.xml, run a build from
the IDE and much more. For Java developers, the very tight integration with JDT
greatly simplifies the consumption of Java artifacts either being hosted on open
source repositories such as Maven Central, or in your in-house Maven repository.

m2e is also a platform that let others provide better integration with
additional Maven plugins (e.g. Android, web development, etc.), and facilitates
the distribution of those extensions through the m2e marketplace.

--------------------------------------------------------------------------------Update Information:

Updates to the latest upstream release of Eclipse. See the upstream release
notes for details: https://eclipseide.org/release/noteworthy/  Also
contains security fixes for CVE-2019-17566 and CVE-2019-17638.
--------------------------------------------------------------------------------ChangeLog:

* Fri Aug 14 2020 Mat Booth  - 1.16.1-1
- Update to latest upstream release
* Thu Aug  6 2020 Mat Booth  - 1.16.0-7
- Fix broken requires
* Mon Jul 27 2020 Fedora Release Engineering  - 1.16.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jul 16 2020 Mat Booth  - 1.16.0-5
- Remove explicit BR on javax.annotation-api, since Eclipse platform will pull
  in either the javax or jakarta version as required
* Mon Jul 13 2020 Jiri Vanek  - 1.16.0-4
- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
* Mon Jul 13 2020 Mat Booth  - 1.16.0-3
- Patch out dep on aether and obsolete javadoc package
* Fri Jul 10 2020 Jiri Vanek  - 1.16.0-2
- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
* Thu Jun 25 2020 Mat Booth  - 1.16.0-1
- Update to latest upstream release
* Wed Apr  1 2020 Mat Booth  - 1.15.0-3
- Add patch to fix NoClassDefFoundErrors
* Wed Mar 25 2020 Mat Booth  - 1.15.0-2
- Improve archetype patch
* Sun Mar 22 2020 Mat Booth  - 1.15.0-1
- Update to latest upstream release
* Tue Jan  7 2020 Mat Booth  - 1.14.0-2
- Correctly obsolete tests
* Fri Dec 20 2019 Mat Booth  - 1.14.0-1
- Update to latest upstream release
- Don't build and ship tests
* Thu Aug  1 2019 Mat Booth  - 1.11.0-8
- Rebuild against new maven-archetype and regenerate runtime requires
* Tue Jul  2 2019 Mat Booth  - 1.11.0-7
- Re-generate OSGi BRs
* Mon Jul  1 2019 Mat Booth  - 1.11.0-6
- Drop hard requirement on xbean, not really needed by maven
* Fri Jun 21 2019 Mat Booth  - 1.11.0-5
- Backport fix to correct 'Failed to evaluate: ReferenceExpression' errors in
  log
* Tue Jun 18 2019 Mat Booth  - 1.11.0-4
- Rebuild against maven-indexer 6.0
* Wed Jun 12 2019 Mat Booth  - 1.11.0-3
- Add obsoletes for eclipse-m2e-sourcelookup
* Wed Jun 12 2019 Mat Booth  - 1.11.0-2
- Fix build against modularised maven-resolver
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1848617 - CVE-2019-17566 batik: SSRF via "xlink:href"
        https://bugzilla.redhat.com/show_bug.cgi?id=1848617
  [ 2 ] Bug #1864680 - CVE-2019-17638 jetty: double release of resource can lead to information disclosure
        https://bugzilla.redhat.com/show_bug.cgi?id=1864680
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-cf8ef2f333' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Fedora 32: eclipse-m2e-core 2020-cf8ef2f333

August 31, 2020
Updates to the latest upstream release of Eclipse

Summary

The goal of the m2ec project is to provide a first-class Apache Maven support

in the Eclipse IDE, making it easier to edit Maven's pom.xml, run a build from

the IDE and much more. For Java developers, the very tight integration with JDT

greatly simplifies the consumption of Java artifacts either being hosted on open

source repositories such as Maven Central, or in your in-house Maven repository.

m2e is also a platform that let others provide better integration with

additional Maven plugins (e.g. Android, web development, etc.), and facilitates

the distribution of those extensions through the m2e marketplace.

Updates to the latest upstream release of Eclipse. See the upstream release

notes for details: https://eclipseide.org/release/noteworthy/ Also

contains security fixes for CVE-2019-17566 and CVE-2019-17638.

* Fri Aug 14 2020 Mat Booth - 1.16.1-1

- Update to latest upstream release

* Thu Aug 6 2020 Mat Booth - 1.16.0-7

- Fix broken requires

* Mon Jul 27 2020 Fedora Release Engineering - 1.16.0-6

- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Thu Jul 16 2020 Mat Booth - 1.16.0-5

- Remove explicit BR on javax.annotation-api, since Eclipse platform will pull

in either the javax or jakarta version as required

* Mon Jul 13 2020 Jiri Vanek - 1.16.0-4

- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11

* Mon Jul 13 2020 Mat Booth - 1.16.0-3

- Patch out dep on aether and obsolete javadoc package

* Fri Jul 10 2020 Jiri Vanek - 1.16.0-2

- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11

* Thu Jun 25 2020 Mat Booth - 1.16.0-1

- Update to latest upstream release

* Wed Apr 1 2020 Mat Booth - 1.15.0-3

- Add patch to fix NoClassDefFoundErrors

* Wed Mar 25 2020 Mat Booth - 1.15.0-2

- Improve archetype patch

* Sun Mar 22 2020 Mat Booth - 1.15.0-1

- Update to latest upstream release

* Tue Jan 7 2020 Mat Booth - 1.14.0-2

- Correctly obsolete tests

* Fri Dec 20 2019 Mat Booth - 1.14.0-1

- Update to latest upstream release

- Don't build and ship tests

* Thu Aug 1 2019 Mat Booth - 1.11.0-8

- Rebuild against new maven-archetype and regenerate runtime requires

* Tue Jul 2 2019 Mat Booth - 1.11.0-7

- Re-generate OSGi BRs

* Mon Jul 1 2019 Mat Booth - 1.11.0-6

- Drop hard requirement on xbean, not really needed by maven

* Fri Jun 21 2019 Mat Booth - 1.11.0-5

- Backport fix to correct 'Failed to evaluate: ReferenceExpression' errors in

log

* Tue Jun 18 2019 Mat Booth - 1.11.0-4

- Rebuild against maven-indexer 6.0

* Wed Jun 12 2019 Mat Booth - 1.11.0-3

- Add obsoletes for eclipse-m2e-sourcelookup

* Wed Jun 12 2019 Mat Booth - 1.11.0-2

- Fix build against modularised maven-resolver

[ 1 ] Bug #1848617 - CVE-2019-17566 batik: SSRF via "xlink:href"

https://bugzilla.redhat.com/show_bug.cgi?id=1848617

[ 2 ] Bug #1864680 - CVE-2019-17638 jetty: double release of resource can lead to information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1864680

su -c 'dnf upgrade --advisory FEDORA-2020-cf8ef2f333' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

FEDORA-2020-cf8ef2f333 2020-08-31 15:48:37.485399 Product : Fedora 32 Version : 1.16.1 Release : 1.fc32 URL : https://eclipse.dev/m2e/ Summary : Maven integration for Eclipse Description : The goal of the m2ec project is to provide a first-class Apache Maven support in the Eclipse IDE, making it easier to edit Maven's pom.xml, run a build from the IDE and much more. For Java developers, the very tight integration with JDT greatly simplifies the consumption of Java artifacts either being hosted on open source repositories such as Maven Central, or in your in-house Maven repository. m2e is also a platform that let others provide better integration with additional Maven plugins (e.g. Android, web development, etc.), and facilitates the distribution of those extensions through the m2e marketplace. Updates to the latest upstream release of Eclipse. See the upstream release notes for details: https://eclipseide.org/release/noteworthy/ Also contains security fixes for CVE-2019-17566 and CVE-2019-17638. * Fri Aug 14 2020 Mat Booth - 1.16.1-1 - Update to latest upstream release * Thu Aug 6 2020 Mat Booth - 1.16.0-7 - Fix broken requires * Mon Jul 27 2020 Fedora Release Engineering - 1.16.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jul 16 2020 Mat Booth - 1.16.0-5 - Remove explicit BR on javax.annotation-api, since Eclipse platform will pull in either the javax or jakarta version as required * Mon Jul 13 2020 Jiri Vanek - 1.16.0-4 - Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11 * Mon Jul 13 2020 Mat Booth - 1.16.0-3 - Patch out dep on aether and obsolete javadoc package * Fri Jul 10 2020 Jiri Vanek - 1.16.0-2 - Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11 * Thu Jun 25 2020 Mat Booth - 1.16.0-1 - Update to latest upstream release * Wed Apr 1 2020 Mat Booth - 1.15.0-3 - Add patch to fix NoClassDefFoundErrors * Wed Mar 25 2020 Mat Booth - 1.15.0-2 - Improve archetype patch * Sun Mar 22 2020 Mat Booth - 1.15.0-1 - Update to latest upstream release * Tue Jan 7 2020 Mat Booth - 1.14.0-2 - Correctly obsolete tests * Fri Dec 20 2019 Mat Booth - 1.14.0-1 - Update to latest upstream release - Don't build and ship tests * Thu Aug 1 2019 Mat Booth - 1.11.0-8 - Rebuild against new maven-archetype and regenerate runtime requires * Tue Jul 2 2019 Mat Booth - 1.11.0-7 - Re-generate OSGi BRs * Mon Jul 1 2019 Mat Booth - 1.11.0-6 - Drop hard requirement on xbean, not really needed by maven * Fri Jun 21 2019 Mat Booth - 1.11.0-5 - Backport fix to correct 'Failed to evaluate: ReferenceExpression' errors in log * Tue Jun 18 2019 Mat Booth - 1.11.0-4 - Rebuild against maven-indexer 6.0 * Wed Jun 12 2019 Mat Booth - 1.11.0-3 - Add obsoletes for eclipse-m2e-sourcelookup * Wed Jun 12 2019 Mat Booth - 1.11.0-2 - Fix build against modularised maven-resolver [ 1 ] Bug #1848617 - CVE-2019-17566 batik: SSRF via "xlink:href" https://bugzilla.redhat.com/show_bug.cgi?id=1848617 [ 2 ] Bug #1864680 - CVE-2019-17638 jetty: double release of resource can lead to information disclosure https://bugzilla.redhat.com/show_bug.cgi?id=1864680 su -c 'dnf upgrade --advisory FEDORA-2020-cf8ef2f333' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
Product : Fedora 32
Version : 1.16.1
Release : 1.fc32
URL : https://eclipse.dev/m2e/
Summary : Maven integration for Eclipse

Related News