Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 538
Alerts This Week
Warning Icon 1 538

Fedora 32: FEDORA-2020-cf8ef2f333 moderate: Eclipse Mylyn SSRF Issue

fedora
Calendar Grey August 31, 2020
Dist Fedora Esm H88
Essential update details on Eclipse Mylyn and critical security issues fixed in Fedora 32.
Updates to the latest upstream release of Eclipse

Summary

Mylyn integrates task support into Eclipse. It supports offline editing

for certain task repositories and monitors work activity to hide

information that is not relevant to the current task.

Updates to the latest upstream release of Eclipse. See the upstream release

notes for details: https://eclipseide.org/release/noteworthy/ Also

contains security fixes for CVE-2019-17566 and CVE-2019-17638.

* Tue Jan 28 2020 Mat Booth - 3.25.0-3

- Drop mylyn-docs subpackage (wikitext and epub support) to really simplify the

package

* Tue Sep 17 2019 Mat Booth - 3.25.0-2

- Correct duplicate invokations

* Fri Sep 13 2019 Mat Booth - 3.25.0-1

- Update to final tagged release of 3.25.0

* Mon Jun 17 2019 Mat Booth - 3.25.0-0.11

- Some bundles still are EPL 1

* Fri Jun 14 2019 Mat Booth - 3.25.0-0.10

- Update to latest upstream build

- Update licence tag

* Tue May 14 2019 Mat Booth - 3.25.0-0.9

- Add conditional build for epub support

* Fri May 10 2019 Mat Booth - 3.25.0-0.8

- Don't build and ship tests

* Thu May 9 2019 Mat Booth - 3.25.0-0.7

- Drop ship incubating components, they are not maintained upstream

[ 1 ] Bug #1848617 - CVE-2019-17566 batik: SSRF via "xlink:href"

https://bugzilla.redhat.com/show_bug.cgi?id=1848617

[ 2 ] Bug #1864680 - CVE-2019-17638 jetty: double release of resource can lead to information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1864680

su -c 'dnf upgrade --advisory FEDORA-2020-cf8ef2f333' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Product: Fedora 32
Version: 3.25.0
Release: 3.fc32
Summary: Eclipse Mylyn main feature.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.