 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.122170 |
| Kategorie: | Oracle Linux Local Security Checks |
| Titel: | Oracle: Security Advisory (ELSA-2011-0568) |
| Zusammenfassung: | The remote host is missing an update for the 'eclipse, eclipse-birt, eclipse-callgraph, eclipse-cdt, eclipse-changelog, eclipse-dtp, eclipse-emf, eclipse-gef, eclipse-linuxprofilingframework, eclipse-mylyn, eclipse-oprofile, eclipse-rse, eclipse-valgrind, icu4j, jetty-eclipse, objectweb-asm, sat4j' package(s) announced via the ELSA-2011-0568 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'eclipse, eclipse-birt, eclipse-callgraph, eclipse-cdt, eclipse-changelog, eclipse-dtp, eclipse-emf, eclipse-gef, eclipse-linuxprofilingframework, eclipse-mylyn, eclipse-oprofile, eclipse-rse, eclipse-valgrind, icu4j, jetty-eclipse, objectweb-asm, sat4j' package(s) announced via the ELSA-2011-0568 advisory. Vulnerability Insight: eclipse: [1:3.6.1-6.13] - Drop patch to remove ant-trax (needed by test runs). [1:3.6.1-6.12] - Add two upstream patches to allow for running SDK JUnit tests. [1:3.6.1-6.11] - Bring in line with Fedora. - Remove some stuff that is now done in eclipse-build. - Fix sources URL. - Add PDE dependency on zip for pdebuild script. - Use new eclipse-build targets. - Increase minimum required memory in eclipse.ini. [1:3.6.1-6.10] - Put ant.launching into JDT's dropins directory. [1:3.6.1-6.9] - Use apache-tomcat-apis JARs. - Version objectweb-asm BR/R. [1:3.6.1-6.8] - Fix JSP API symlinks. [1:3.6.1-6.7] - Install o.e.jdt.junit.core in jdt (rhbz#663207). [1:3.6.1-6] - Add Eclipse help XSS vulnerability fix (RH Bz #661901). [1:3.6.1-5] - Remove work around for openjdk bug#647737 as openjdk has posted its own work around and will shortly be fixing problem correctly. [1:3.6.1-4] - Work around for openjdk bug#647737. [1:3.6.1-3] - Add missing Requires on tomcat5-jsp-api (bug#650145). [1:3.6.1-2] - Add prepare-build-dir.sh patch. [1:3.6.1-1] - Update to 3.6.1. [1:3.6.0-3] - Increasing min versions for jetty, icu4j-eclipse and sat4j. [1:3.6.0-2] - o.e.core.net.linux is no longer x86 only. [1:3.6.0-1] - Update to 3.6.0. - Based on eclipse-build 0.6.1 RC0. [1:3.5.2-10] - Rebuild for new jetty. [1:3.5.2-9] - Fix typo in symlinking. [1:3.5.2-8] - No need to link jasper. [1:3.5.2-7] - Fix servlet and jsp apis symlinks. [1:3.5.2-6] - Fix jetty symlinks. eclipse-birt: [2.6.0-1.1] - RHEL 6.1 rebase to Helios. [2.6.0-1] - Update to 2.6.0. - Build rhino plugin as part of BIRT chart feature. - Remove unnecessary dependencies. eclipse-callgraph: [0.6.1-1] - Update to upstream 0.6.1 release. - Add reasonable required dependency versions. [0.6.0-2] - Update tag to correct version [0.6.0-1] - Update to version 0.6 of Linux Tools Project. [0.5.0-1] - Resolves: #575108 - Rebase to Linux tools 0.5 release. [0.4.0-2] - Resolves: #553288 - Only support i686, x86_64 for RHEL6 and above. [0.4.0-1] - Update to version 0.4 of Linux Tools Project and remove tests feature [0.0.1-3] - Added ExcludeArch for ppc64 because eclipse-cdt is not present [0.0.1-2] - Some more changes to spec file [0.0.1-1] - Make minor changes to spec file [0.0.1-1] - Initial creation of eclipse-callgraph eclipse-cdt: [1:7.0.1-4] - Resolves: #678364 - Modify a version of copy-platform so it does not add wild-cards when looking in the dropins folder. [1:7.0.1-3] - Resolves: #679543, #678364 - Fix libhover local patch to change location specifiers in glibc and libstdc++ plug-ins. - Fix build so that it still works if eclipse-cdt-parsers is currently installed. [1:7.0.1-2] - Resolves: #622713 - Resolves: #668890 - Fix problems with applying autotools and libhover local patches [1:7.0.1-1] - Resolves: #656333 - Rebase to 7.0.1 (Helios SR1) including gdb hardware support fix - Rebase to ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'eclipse, eclipse-birt, eclipse-callgraph, eclipse-cdt, eclipse-changelog, eclipse-dtp, eclipse-emf, eclipse-gef, eclipse-linuxprofilingframework, eclipse-mylyn, eclipse-oprofile, eclipse-rse, eclipse-valgrind, icu4j, jetty-eclipse, objectweb-asm, sat4j' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-4647 FEDORA-2010-18990 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052532.html FEDORA-2010-19006 http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052554.html MDVSA-2011:032 http://www.mandriva.com/security/advisories?name=MDVSA-2011:032 RHSA-2011:0568 http://www.redhat.com/support/errata/RHSA-2011-0568.html [oss-security] 20110106 CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) http://openwall.com/lists/oss-security/2011/01/06/7 [oss-security] 20110106 Re: CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS) http://openwall.com/lists/oss-security/2011/01/06/16 eclipseide-querystring-xss(64833) https://exchange.xforce.ibmcloud.com/vulnerabilities/64833 http://yehg.net/lab/pr0js/advisories/eclipse/%5Beclipse_help_server%5D_cross_site_scripting https://bugs.eclipse.org/bugs/show_bug.cgi?id=329582 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |