Mageia alert MGASA-2012-0183 (eclipse) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0183: eclipse-3.6.2-12.1.mga1
 (1/core),  eclipse-3.7.1-3.3.mga2 (2/core) 
Date:
    	       Sun, 29 Jul 2012 22:29:25 +0200
Message-ID:
    	       <20120729202925.GA1951@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2012-0183
Date: 	July 29th, 2012
Affected releases: 	1, 2


Description:
The xulrunner library, which is used by the eclipse-swt package to
provide the functionality of the Browser widget in applications using
the SWT user interface library (including Eclipse itself), has been
found to have numerous security vulnerabilities (see our previous
advisories for Firefox for more information on these).

Eclipse has now been built without support for xulrunner, so that users
of Eclipse and other SWT programs will not be exposed to these security
vulnerabilities. The SWT Browser widget will no longer be functional in
any applications that use it. Users that require SWT Browser widget
functionality will need to use an Eclipse distribution from upstream.


Updated Packages:
Mageia 1:
eclipse-jdt-3.6.2-12.1.mga1
eclipse-pde-3.6.2-12.1.mga1
eclipse-platform-3.6.2-12.1.mga1
eclipse-rcp-3.6.2-12.1.mga1
eclipse-swt-3.6.2-12.1.mga1

Mageia 2:
eclipse-equinox-osgi-3.7.1-3.3.mga2
eclipse-jdt-3.7.1-3.3.mga2
eclipse-pde-3.7.1-3.3.mga2
eclipse-platform-3.7.1-3.3.mga2
eclipse-rcp-3.7.1-3.3.mga2
eclipse-swt-3.7.1-3.3.mga2


References:
https://bugs.mageia.org/show_bug.cgi?id=6611
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
(Log in to post comments)