RHSA-2011:0568: eclipse security, bug fix, and enhancement update
Description
The Eclipse software development environment provides a set of tools forC/C++ and Java development.A cross-site scripting (XSS) flaw was found in the Eclipse Help Contentsweb application. An attacker could use this flaw to perform a cross-sitescripting attack against victims by tricking them into visiting aspecially-crafted Eclipse Help URL. (CVE-2010-4647)The following Eclipse packages have been upgraded to the versions found inthe official upstream Eclipse Helios SR1 release, providing a number ofbug fixes and enhancements over the previous versions:In addition, the following updates were made to the dependencies of theEclipse packages above:This update includes numerous upstream bug fixes and enhancements, such as:This update also fixes the following bugs:Users of eclipse should upgrade to these updated packages, which correctthese issues and add these enhancements.
Solution(s)
- redhat-upgrade-eclipse-birt
- redhat-upgrade-eclipse-callgraph
- redhat-upgrade-eclipse-cdt
- redhat-upgrade-eclipse-cdt-parsers
- redhat-upgrade-eclipse-cdt-sdk
- redhat-upgrade-eclipse-changelog
- redhat-upgrade-eclipse-debuginfo
- redhat-upgrade-eclipse-dtp
- redhat-upgrade-eclipse-emf
- redhat-upgrade-eclipse-emf-examples
- redhat-upgrade-eclipse-emf-sdk
- redhat-upgrade-eclipse-emf-xsd
- redhat-upgrade-eclipse-emf-xsd-sdk
- redhat-upgrade-eclipse-gef
- redhat-upgrade-eclipse-gef-examples
- redhat-upgrade-eclipse-gef-sdk
- redhat-upgrade-eclipse-jdt
- redhat-upgrade-eclipse-linuxprofilingframework
- redhat-upgrade-eclipse-mylyn
- redhat-upgrade-eclipse-mylyn-cdt
- redhat-upgrade-eclipse-mylyn-java
- redhat-upgrade-eclipse-mylyn-pde
- redhat-upgrade-eclipse-mylyn-trac
- redhat-upgrade-eclipse-mylyn-webtasks
- redhat-upgrade-eclipse-mylyn-wikitext
- redhat-upgrade-eclipse-oprofile
- redhat-upgrade-eclipse-oprofile-debuginfo
- redhat-upgrade-eclipse-pde
- redhat-upgrade-eclipse-platform
- redhat-upgrade-eclipse-rcp
- redhat-upgrade-eclipse-rse
- redhat-upgrade-eclipse-swt
- redhat-upgrade-eclipse-valgrind
- redhat-upgrade-icu4j
- redhat-upgrade-icu4j-eclipse
- redhat-upgrade-icu4j-javadoc
- redhat-upgrade-jetty-eclipse
- redhat-upgrade-objectweb-asm
- redhat-upgrade-objectweb-asm-javadoc
- redhat-upgrade-sat4j
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center