Test ID: 1.3.6.1.4.1.25623.1.0.122170
Category: Oracle Linux Local Security Checks
Title: Oracle: Security Advisory (ELSA-2011-0568)
Summary: The remote host is missing an update for the 'eclipse, eclipse-birt, eclipse-callgraph, eclipse-cdt, eclipse-changelog, eclipse-dtp, eclipse-emf, eclipse-gef, eclipse-linuxprofilingframework, eclipse-mylyn, eclipse-oprofile, eclipse-rse, eclipse-valgrind, icu4j, jetty-eclipse, objectweb-asm, sat4j' package(s) announced via the ELSA-2011-0568 advisory.
Description:

Vulnerability Insight:
eclipse:

[1:3.6.1-6.13]
- Drop patch to remove ant-trax (needed by test runs).

[1:3.6.1-6.12]
- Add two upstream patches to allow for running SDK JUnit tests.

[1:3.6.1-6.11]
- Bring in line with Fedora.
- Remove some stuff that is now done in eclipse-build.
- Fix sources URL.
- Add PDE dependency on zip for pdebuild script.
- Use new eclipse-build targets.
- Increase minimum required memory in eclipse.ini.

[1:3.6.1-6.10]
- Put ant.launching into JDT's dropins directory.

[1:3.6.1-6.9]
- Use apache-tomcat-apis JARs.
- Version objectweb-asm BR/R.

[1:3.6.1-6.8]
- Fix JSP API symlinks.

[1:3.6.1-6.7]
- Install o.e.jdt.junit.core in jdt (rhbz#663207).

[1:3.6.1-6]
- Add Eclipse help XSS vulnerability fix (RH Bz #661901).

[1:3.6.1-5]
- Remove work around for openjdk bug#647737 as openjdk has
posted its own work around and will shortly be fixing problem
correctly.

[1:3.6.1-4]
- Work around for openjdk bug#647737.

[1:3.6.1-3]
- Add missing Requires on tomcat5-jsp-api (bug#650145).

[1:3.6.1-2]
- Add prepare-build-dir.sh patch.

[1:3.6.1-1]
- Update to 3.6.1.

[1:3.6.0-3]
- Increasing min versions for jetty, icu4j-eclipse and sat4j.

[1:3.6.0-2]
- o.e.core.net.linux is no longer x86 only.

[1:3.6.0-1]
- Update to 3.6.0.
- Based on eclipse-build 0.6.1 RC0.

[1:3.5.2-10]
- Rebuild for new jetty.

[1:3.5.2-9]
- Fix typo in symlinking.

[1:3.5.2-8]
- No need to link jasper.

[1:3.5.2-7]
- Fix servlet and jsp apis symlinks.

[1:3.5.2-6]
- Fix jetty symlinks.

eclipse-birt:

[2.6.0-1.1]
- RHEL 6.1 rebase to Helios.

[2.6.0-1]
- Update to 2.6.0.
- Build rhino plugin as part of BIRT chart feature.
- Remove unnecessary dependencies.

eclipse-callgraph:

[0.6.1-1]
- Update to upstream 0.6.1 release.
- Add reasonable required dependency versions.

[0.6.0-2]
- Update tag to correct version

[0.6.0-1]
- Update to version 0.6 of Linux Tools Project.

[0.5.0-1]
- Resolves: #575108
- Rebase to Linux tools 0.5 release.

[0.4.0-2]
- Resolves: #553288
- Only support i686, x86_64 for RHEL6 and above.

[0.4.0-1]
- Update to version 0.4 of Linux Tools Project and remove tests feature

[0.0.1-3]
- Added ExcludeArch for ppc64 because eclipse-cdt is not present

[0.0.1-2]
- Some more changes to spec file

[0.0.1-1]
- Make minor changes to spec file

[0.0.1-1]
- Initial creation of eclipse-callgraph

eclipse-cdt:

[1:7.0.1-4]
- Resolves: #678364
- Modify a version of copy-platform so it does not add wild-cards
when looking in the dropins folder.

[1:7.0.1-3]
- Resolves: #679543, #678364
- Fix libhover local patch to change location specifiers in glibc and
libstdc++ plug-ins.
- Fix build so that it still works if eclipse-cdt-parsers is currently
installed.

[1:7.0.1-2]
- Resolves: #622713
- Resolves: #668890
- Fix problems with applying autotools and libhover local patches

[1:7.0.1-1]
- Resolves: #656333
- Rebase to 7.0.1 (Helios SR1) including gdb hardware support fix
- Rebase to ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'eclipse, eclipse-birt, eclipse-callgraph, eclipse-cdt, eclipse-changelog, eclipse-dtp, eclipse-emf, eclipse-gef, eclipse-linuxprofilingframework, eclipse-mylyn, eclipse-oprofile, eclipse-rse, eclipse-valgrind, icu4j, jetty-eclipse, objectweb-asm, sat4j' package(s) on Oracle Linux 6.

Solution:
Please install the updated package(s).

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2010-4647
FEDORA-2010-18990
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052532.html
FEDORA-2010-19006
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052554.html
MDVSA-2011:032
http://www.mandriva.com/security/advisories?name=MDVSA-2011:032
RHSA-2011:0568
http://www.redhat.com/support/errata/RHSA-2011-0568.html
[oss-security] 20110106 CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS)
http://openwall.com/lists/oss-security/2011/01/06/7
[oss-security] 20110106 Re: CVE Request: Eclipse IDE Version: 3.6.1 | Help Server Local Cross Site Scripting (XSS)
http://openwall.com/lists/oss-security/2011/01/06/16
eclipseide-querystring-xss(64833)
https://exchange.xforce.ibmcloud.com/vulnerabilities/64833
http://yehg.net/lab/pr0js/advisories/eclipse/%5Beclipse_help_server%5D_cross_site_scripting
https://bugs.eclipse.org/bugs/show_bug.cgi?id=329582
Copyright: Copyright (C) 2015 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.