(RHSA-2020:5168) Moderate: rh-eclipse security, bug fix and enhancement update

2020-11-2308:51:52

access.redhat.com

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

4.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

29.9%

JSON

Eclipse is an integrated development environment (IDE).

The rh-eclipse packages have been upgraded to version 4.17, which is based on the Eclipse Foundation’s 2020-09 release train.

For instructions on how to use rh-eclipse, see Using Eclipse linked from the References section.

Security Fix(es):

jetty: local temporary directory hijacking vulnerability (CVE-2020-27216)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Changes chapter in the Using Eclipse guide linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchrh-eclipse-eclipse-gef-sdk< 3.11.0-14.1.el7rh-eclipse-eclipse-gef-sdk-3.11.0-14.1.el7.noarch.rpm
RedHat7noarchrh-eclipse-netty< 4.1.51-1.2.el7rh-eclipse-netty-4.1.51-1.2.el7.noarch.rpm
RedHat7noarchrh-eclipse-felix-gogo-command< 1.0.2-12.1.el7rh-eclipse-felix-gogo-command-1.0.2-12.1.el7.noarch.rpm
RedHat7noarchrh-eclipse-lucene-join< 8.6.3-1.1.el7rh-eclipse-lucene-join-8.6.3-1.1.el7.noarch.rpm
RedHat7noarchrh-eclipse-xmlrpc-javadoc< 3.1.3-27.1.el7rh-eclipse-xmlrpc-javadoc-3.1.3-27.1.el7.noarch.rpm
RedHat7noarchrh-eclipse-eclipse-emf-xsd< 2.23.0-1.1.el7rh-eclipse-eclipse-emf-xsd-2.23.0-1.1.el7.noarch.rpm
RedHat7x86_64rh-eclipse-eclipse-swt< 4.17-2.2.el7_9rh-eclipse-eclipse-swt-4.17-2.2.el7_9.x86_64.rpm
RedHat7noarchrh-eclipse-jython-demo< 2.7.1-14.1.el7_9rh-eclipse-jython-demo-2.7.1-14.1.el7_9.noarch.rpm
RedHat7noarchrh-eclipse-batik-util< 1.13-1.1.el7rh-eclipse-batik-util-1.13-1.1.el7.noarch.rpm
RedHat7noarchrh-eclipse-jnr-x86asm-javadoc< 1.0.2-22.1.el7rh-eclipse-jnr-x86asm-javadoc-1.0.2-22.1.el7.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	rh-eclipse-eclipse-gef-sdk	< 3.11.0-14.1.el7	rh-eclipse-eclipse-gef-sdk-3.11.0-14.1.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-netty	< 4.1.51-1.2.el7	rh-eclipse-netty-4.1.51-1.2.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-felix-gogo-command	< 1.0.2-12.1.el7	rh-eclipse-felix-gogo-command-1.0.2-12.1.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-lucene-join	< 8.6.3-1.1.el7	rh-eclipse-lucene-join-8.6.3-1.1.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-xmlrpc-javadoc	< 3.1.3-27.1.el7	rh-eclipse-xmlrpc-javadoc-3.1.3-27.1.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-eclipse-emf-xsd	< 2.23.0-1.1.el7	rh-eclipse-eclipse-emf-xsd-2.23.0-1.1.el7.noarch.rpm
RedHat	7	x86_64	rh-eclipse-eclipse-swt	< 4.17-2.2.el7_9	rh-eclipse-eclipse-swt-4.17-2.2.el7_9.x86_64.rpm
RedHat	7	noarch	rh-eclipse-jython-demo	< 2.7.1-14.1.el7_9	rh-eclipse-jython-demo-2.7.1-14.1.el7_9.noarch.rpm
RedHat	7	noarch	rh-eclipse-batik-util	< 1.13-1.1.el7	rh-eclipse-batik-util-1.13-1.1.el7.noarch.rpm
RedHat	7	noarch	rh-eclipse-jnr-x86asm-javadoc	< 1.0.2-22.1.el7	rh-eclipse-jnr-x86asm-javadoc-1.0.2-22.1.el7.noarch.rpm