https://bugzilla.redhat.com/show_bug.cgi?id=1464158
Bug ID: 1464158
Summary: CVE-2017-9735 jetty: Timing channel attack in
util/security/Password.java
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: eclipse-sig(a)lists.fedoraproject.org,
hhorak(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jjohnstn(a)redhat.com, jorton(a)redhat.com,
krzysztof.daniel(a)gmail.com, mizdebsk(a)redhat.com,
msimacek(a)redhat.com
Jetty is prone to a timing channel in util/security/Password.java, which makes
it easier for remote attackers to obtain access by observing elapsed times
before rejection of incorrect passwords.
Upstream issue:
https://github.com/eclipse/jetty.project/issues/1556
Upstream patch:
https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f…
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1333480
Bug ID: 1333480
Summary: Eclipse won't start a fresh workspace
Product: Fedora
Version: 24
Component: eclipse
Assignee: akurtako(a)redhat.com
Reporter: pedro.lamarao(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, andjrobins(a)gmail.com,
eclipse-sig(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, krzysztof.daniel(a)gmail.com,
mat.booth(a)redhat.com, rgrunber(a)redhat.com
Created attachment 1154254
--> https://bugzilla.redhat.com/attachment.cgi?id=1154254&action=edit
Log file generated in the .metadata directory
Description of problem:
Eclipse won't start a fresh workspace.
Version-Release number of selected component (if applicable):
eclipse-pde-4.6.0-0.5.git201604261105.fc24.x86_64
eclipse-jdt-4.6.0-0.5.git201604261105.fc24.noarch
How reproducible:
Every time Eclipse is opened.
Steps to Reproduce:
1. Open Eclipse from GNOME Shell
2. Select an empty location -- to create a new workspace
Actual results:
Eclipse shows the splash screen then fails to start.
Expected results:
Eclipse shows splash screen then shows de IDE window.
Additional info:
The workspace location is generated with the .metadata directory
containing a .log file. This file is attached to the bug.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1469356
Bug ID: 1469356
Summary: aether-ant-tasks: Port to XMvn 3.0.0
Product: Fedora
Version: rawhide
Component: aether-ant-tasks
Assignee: mizdebsk(a)redhat.com
Reporter: mizdebsk(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: eclipse-sig(a)lists.fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
mizdebsk(a)redhat.com, msimacek(a)redhat.com
aether-ant-tasks needs porting to XMvn 3.0.0 (or retiring).
aether-ant-tasks has broken dependencies in the rawhide tree:
aether-ant-tasks-1.0.1-6.fc26.noarch requires xmvn-launcher
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1309687
Bug ID: 1309687
Summary: Undeclared uses constraints of Apache HttpComponent
bundle cause linkage error at runtime
Product: Fedora
Version: 23
Component: eclipse
Assignee: akurtako(a)redhat.com
Reporter: andreas.sewe(a)codetrails.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, andjrobins(a)gmail.com,
eclipse-sig(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, krzysztof.daniel(a)gmail.com,
mat.booth(a)redhat.com, rgrunber(a)redhat.com
External Bug ID: Eclipse Project 488006
Description of problem:
Version-Release number of selected component (if applicable):
1:4.5.1-1.fc23
How reproducible:
Always.
Steps to Reproduce:
1. Install "Eclipse" (version 1:4.5.1-1.fc23) from "Software"
2. Start Eclipse
3. Help > Install New Software "Code Recommenders for Java Developers" from
pre-configured update site <http://download.eclipse.org/releases/mars>
4. Restart Eclipse
5. Try to open Code Recommenders "Model Repositories" view (it is not there, as
bundles for Code Recommenders" are not resolved. This is the *first* problem
6. Start Eclipse with "-clean" option
7. Try to open Code Recommenders "Model Repositories" view again
Actual results:
An error dialog appear: loader constraint violation in interface itable
initialization: when resolving method
"org.apache.http.message.AbstractHttpMessage.getHeaders(Ljava/lang/String;)[Lorg/apache/http/Header;"
the class loader (instance of
org/eclipse/osgi/internal/loader/EquinoxClassLoader) of the current class,
org/apache/http/client/methods/AbstractExecutionAwareRequest, and the class
loader (instance of org/eclipse/osgi/internal/loader/EquinoxClassLoader) for
interface org/apache/http/HttpMessage have different Class objects for the type
[Lorg/apache/http/Header; used in the signature
Expected results:
The "Model Repositories" view opens and (in the background) a download of the
model repository index for is started. Once finished, the view shows 4.5.76
known coordinates for the "mars" model repository.
Additional info:
More details on what the OSGi bundle headers look like can be found in the bug
I filled with the Eclipse Orbit project [1], although they are not the ones who
distribute bundles with faulty Export-Package headers (i.e., headers without
uses constraints).
FWIW, the symptoms seem to be very similar to those of Bug 807044.
[1] <https://bugs.eclipse.org/bugs/show_bug.cgi?id=488006>
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1474069
Bug ID: 1474069
Summary: [Packaging] Please don't ship source file packages
Product: Fedora
Version: 26
Component: eclipse-pydev
Assignee: akurtako(a)redhat.com
Reporter: rhbz2(a)genodeftest.de
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
jjohnstn(a)redhat.com
Version-Release number of selected component (if applicable):
eclipse-pydev-5.8.0-1.fc26.x86_64
How reproducible:
always (caused by packaging)
Steps to Reproduce:
1. download or install eclipse-pydev
2. have a look at the internal file structure
Actual results:
for every folder in /usr/lib/eclipse/plugins, eclipse-pydev contains a source
.jar file
Expected results:
Do not contain a source .jar file. Most of the code is written in python, so
source code is not required. Source code belongs into a SRPM file.
Additional info:
See
https://fedoraproject.org/wiki/Packaging:Guidelines#Source_RPM_Buildtime_Ma…
for details.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1445986
Bug ID: 1445986
Summary: Info: Rebuilding internal caches:
/home/christian/src/workspace/.metadata/.plugins/com.p
ython.pydev.analysis/python_v1_3tswbhuj9gc4kibexhrzgzd
x/python.pydevsysteminfo (Expected error to be
provided and got no error!)
Product: Fedora
Version: 25
Component: eclipse-pydev
Assignee: akurtako(a)redhat.com
Reporter: rhbz2(a)genodeftest.de
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com,
eclipse-sig(a)lists.fedoraproject.org,
jjohnstn(a)redhat.com
Version-Release number of selected component:
eclipse-pydev-5.5.0-3.fc25
Additional info:
reporter: libreport-2.8.0
cmdline: /usr/bin/java -Dosgi.requiredJavaVersion=1.8 -Xms512m -Xmx1024m
-Dorg.eclipse.swt.browser.UseWebKitGTK=true -Dhelp.lucene.tokenizer=standard
-XX:CompileCommand=exclude,org/eclipse/core/internal/dtree/DataTreeNode,forwardDeltaWith
-XX:CompileCommand=exclude,org/eclipse/jdt/internal/compiler/lookup/ParameterizedMethodBinding,<init>
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPTemplates,instantiateTemplate
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/pdom/dom/cpp/PDOMCPPLinkage,addBinding
-XX:CompileCommand=exclude,org/python/pydev/editor/codecompletion/revisited/PythonPathHelper,isValidSourceFile
-XX:CompileCommand=exclude,org/eclipse/tycho/core/osgitools/EquinoxResolver,newState
-Dorg.eclipse.equinox.p2.reconciler.dropins.directory=/usr/share/eclipse/dropins
-Dp2.fragments=/usr/share/eclipse/droplets,/usr/lib64/eclipse/droplets
-Declipse.p2.skipMovedInstallDetection=true
-Dosgi.framework.extensions=org.eclipse.wst.jsdt.nashorn.extension -jar
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170306-1705.jar
-os linux -ws gtk -arch x86_64 -showsplash
/usr/lib64/eclipse//plugins/org.eclipse.platform_4.6.3.v20170306-1705/splash.bmp
-launcher /usr/lib64/eclipse/eclipse -name Eclipse --launcher.library
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher.gtk.linux.x86_64_1.1.401.v20170306-1705/eclipse_1618.so
-startup
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170306-1705.jar
-protect master --launcher.appendVmargs -exitdata ff0001 -vm /usr/bin/java
-vmargs -Dosgi.requiredJavaVersion=1.8 -Xms512m -Xmx1024m
-Dorg.eclipse.swt.browser.UseWebKitGTK=true -Dhelp.lucene.tokenizer=standard
-XX:CompileCommand=exclude,org/eclipse/core/internal/dtree/DataTreeNode,forwardDeltaWith
-XX:CompileCommand=exclude,org/eclipse/jdt/internal/compiler/lookup/ParameterizedMethodBinding,<init>
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPTemplates,instantiateTemplate
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/pdom/dom/cpp/PDOMCPPLinkage,addBinding
-XX:CompileCommand=exclude,org/python/pydev/editor/codecompletion/revisited/PythonPathHelper,isValidSourceFile
-XX:CompileCommand=exclude,org/eclipse/tycho/core/osgitools/EquinoxResolver,newState
-Dorg.eclipse.equinox.p2.reconciler.dropins.directory=/usr/share/eclipse/dropins
-Dp2.fragments=/usr/share/eclipse/droplets,/usr/lib64/eclipse/droplets
-Declipse.p2.skipMovedInstallDetection=true
-Dosgi.framework.extensions=org.eclipse.wst.jsdt.nashorn.extension -jar
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170306-1705.jar
eclipseplugin: org.python.pydev.shared_core
executable:
/usr/lib64/eclipse/droplets/pydev-core/eclipse/plugins/org.python.pydev.shared_core_5.5.0.201702281600
kernel: 4.10.11-200.fc25.x86_64
pkg_fingerprint: 4089 D8F2 FDB1 9C98
pkg_vendor: Fedora Project
runlevel: N 5
type: libreport
Truncated backtrace:
org.eclipse.epp.logging.aeri.core.util.NoStackTrace: This event was logged
without a stack trace. A synthetic stack trace was hence inserted.
at org.python.pydev.shared_core.log.Log.log(Log.java:97)
at org.python.pydev.core.log.Log.log(Log.java:46)
at
com.python.pydev.analysis.additionalinfo.AbstractAdditionalDependencyInfo.load(AbstractAdditionalDependencyInfo.java:420)
at
com.python.pydev.analysis.additionalinfo.AdditionalSystemInterpreterInfo.getAdditionalSystemInfo(AdditionalSystemInterpreterInfo.java:167)
at
com.python.pydev.analysis.additionalinfo.AdditionalSystemInterpreterInfo.getAdditionalSystemInfo(AdditionalSystemInterpreterInfo.java:138)
at
com.python.pydev.analysis.additionalinfo.AdditionalProjectInterpreterInfo.getAdditionalInfoAndNature(AdditionalProjectInterpreterInfo.java:171)
at
com.python.pydev.analysis.additionalinfo.AdditionalProjectInterpreterInfo.getAdditionalInfoAndNature(AdditionalProjectInterpreterInfo.java:156)
at
com.python.pydev.analysis.additionalinfo.AdditionalProjectInterpreterInfo.getAdditionalInfo(AdditionalProjectInterpreterInfo.java:143)
at
com.python.pydev.analysis.additionalinfo.AdditionalProjectInterpreterInfo.getAdditionalInfo(AdditionalProjectInterpreterInfo.java:133)
at
com.python.pydev.analysis.builder.PreloadAdditionalInfoPyEditListener$1.run(PreloadAdditionalInfoPyEditListener.java:70)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:55)
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1335759
Bug ID: 1335759
Summary: eclipse-webtools: Bundled eclipselink
Product: Fedora
Version: rawhide
Component: eclipse-webtools
Assignee: gerard(a)ryan.lt
Reporter: mizdebsk(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: eclipse-sig(a)lists.fedoraproject.org, gerard(a)ryan.lt
Description of problem:
Package eclipse-webtools-dali (from eclipse-webtools) bundles the following
libraries:
org.eclipse.persistence.jpa.jpql
org.eclipse.persistence.jpa.jpql.source
/usr/share/eclipse/droplets/webtools-dali/eclipse/plugins/org.eclipse.persistence.jpa.jpql.source_2.6.0.v201602111847.jar
/usr/share/eclipse/droplets/webtools-dali/eclipse/plugins/org.eclipse.persistence.jpa.jpql_2.6.0.v201602111847.jar
These JARs are provided of eclipselink package.
Version-Release number of selected component (if applicable):
eclipse-webtools-dali-3.7.1-3.fc24.noarch
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=1435684
Bug ID: 1435684
Summary: Unhandled event loop exception
Product: Fedora
Version: 25
Component: eclipse
Assignee: akurtako(a)redhat.com
Reporter: jamundso(a)gmail.com
QA Contact: extras-qa(a)fedoraproject.org
CC: akurtako(a)redhat.com, andjrobins(a)gmail.com,
eclipse-sig(a)lists.fedoraproject.org,
jerboaa(a)gmail.com, krzysztof.daniel(a)gmail.com,
mat.booth(a)redhat.com, rgrunber(a)redhat.com
Description of problem:
Created a new shell script file.
Version-Release number of selected component:
eclipse-platform-4.6.2-7.fc25
Additional info:
reporter: libreport-2.8.0
cmdline: /usr/bin/java -Dosgi.requiredJavaVersion=1.8 -Xms512m -Xmx1024m
-Dorg.eclipse.swt.browser.UseWebKitGTK=true -Dhelp.lucene.tokenizer=standard
-XX:CompileCommand=exclude,org/eclipse/core/internal/dtree/DataTreeNode,forwardDeltaWith
-XX:CompileCommand=exclude,org/eclipse/jdt/internal/compiler/lookup/ParameterizedMethodBinding,<init>
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPTemplates,instantiateTemplate
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/pdom/dom/cpp/PDOMCPPLinkage,addBinding
-XX:CompileCommand=exclude,org/python/pydev/editor/codecompletion/revisited/PythonPathHelper,isValidSourceFile
-XX:CompileCommand=exclude,org/eclipse/tycho/core/osgitools/EquinoxResolver,newState
-Dorg.eclipse.equinox.p2.reconciler.dropins.directory=/usr/share/eclipse/dropins
-Dp2.fragments=/usr/share/eclipse/droplets,/usr/lib64/eclipse/droplets
-Declipse.p2.skipMovedInstallDetection=true
-Dosgi.framework.extensions=org.eclipse.wst.jsdt.nashorn.extension -jar
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170109-1424.jar
-os linux -ws gtk -arch x86_64 -showsplash
/usr/lib64/eclipse//plugins/org.eclipse.platform_4.6.2.v20170109-1424/splash.bmp
-launcher /usr/lib64/eclipse/eclipse -name Eclipse --launcher.library
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher.gtk.linux.x86_64_1.1.401.v20170109-1424/eclipse_1618.so
-startup
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170109-1424.jar
-protect master --launcher.appendVmargs -exitdata 28000e -vm /usr/bin/java
-vmargs -Dosgi.requiredJavaVersion=1.8 -Xms512m -Xmx1024m
-Dorg.eclipse.swt.browser.UseWebKitGTK=true -Dhelp.lucene.tokenizer=standard
-XX:CompileCommand=exclude,org/eclipse/core/internal/dtree/DataTreeNode,forwardDeltaWith
-XX:CompileCommand=exclude,org/eclipse/jdt/internal/compiler/lookup/ParameterizedMethodBinding,<init>
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPTemplates,instantiateTemplate
-XX:CompileCommand=exclude,org/eclipse/cdt/internal/core/pdom/dom/cpp/PDOMCPPLinkage,addBinding
-XX:CompileCommand=exclude,org/python/pydev/editor/codecompletion/revisited/PythonPathHelper,isValidSourceFile
-XX:CompileCommand=exclude,org/eclipse/tycho/core/osgitools/EquinoxResolver,newState
-Dorg.eclipse.equinox.p2.reconciler.dropins.directory=/usr/share/eclipse/dropins
-Dp2.fragments=/usr/share/eclipse/droplets,/usr/lib64/eclipse/droplets
-Declipse.p2.skipMovedInstallDetection=true
-Dosgi.framework.extensions=org.eclipse.wst.jsdt.nashorn.extension -jar
/usr/lib64/eclipse//plugins/org.eclipse.equinox.launcher_1.3.201.v20170109-1424.jar
eclipseplugin: org.eclipse.ui
executable:
/usr/lib64/eclipse/plugins/org.eclipse.ui_3.108.1.v20170109-1424.jar
kernel: 4.9.14-200.fc25.x86_64
pkg_fingerprint: 4089 D8F2 FDB1 9C98
pkg_vendor: Fedora Project
runlevel: N 5
type: libreport
uid: 1000
Truncated backtrace:
java.lang.NullPointerException
at
org.eclipse.jface.text.source.SourceViewer.configure(SourceViewer.java:458)
at
org.eclipse.dltk.internal.ui.editor.ScriptSourceViewer.configure(ScriptSourceViewer.java:185)
at
org.eclipse.dltk.internal.ui.text.hover.SourceViewerInformationControl.createViewer(SourceViewerInformationControl.java:228)
at
org.eclipse.dltk.internal.ui.text.hover.SourceViewerInformationControl.<init>(SourceViewerInformationControl.java:169)
at
org.eclipse.dltk.internal.ui.editor.ScriptEditor$4.createInformationControl(ScriptEditor.java:2553)
at
org.eclipse.jface.text.AbstractInformationControlManager.getInformationControl(AbstractInformationControlManager.java:831)
at
org.eclipse.jface.text.AbstractInformationControlManager.internalShowInformationControl(AbstractInformationControlManager.java:1181)
at
org.eclipse.jface.text.AbstractInformationControlManager.presentInformation(AbstractInformationControlManager.java:1163)
at
org.eclipse.jface.text.AbstractHoverInformationControlManager.presentInformation(AbstractHoverInformationControlManager.java:894)
at
org.eclipse.jface.text.AbstractInformationControlManager.setInformation(AbstractInformationControlManager.java:428)
at
org.eclipse.jface.text.source.AnnotationBarHoverManager.computeInformation(AnnotationBarHoverManager.java:337)
at
org.eclipse.jface.text.AbstractInformationControlManager.doShowInformation(AbstractInformationControlManager.java:1144)
at
org.eclipse.jface.text.AbstractHoverInformationControlManager$MouseTracker.mouseHover(AbstractHoverInformationControlManager.java:518)
at
org.eclipse.swt.widgets.TypedListener.handleEvent(TypedListener.java:209)
at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)
at org.eclipse.swt.widgets.Display.sendEvent(Display.java:5227)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1340)
at org.eclipse.swt.widgets.Display.runDeferredEvents(Display.java:4561)
at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:4151)
at
org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine$4.run(PartRenderingEngine.java:1121)
at
org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:336)
at
org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine.run(PartRenderingEngine.java:1022)
at
org.eclipse.e4.ui.internal.workbench.E4Workbench.createAndRunUI(E4Workbench.java:150)
at org.eclipse.ui.internal.Workbench$5.run(Workbench.java:693)
at
org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:336)
at
org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:610)
at org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:148)
at
org.eclipse.ui.internal.ide.application.IDEApplication.start(IDEApplication.java:138)
at
org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)
at
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:134)
at
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:104)
at
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:388)
at
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:243)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:673)
at org.eclipse.equinox.launcher.Main.basicRun(Main.java:610)
at org.eclipse.equinox.launcher.Main.run(Main.java:1519)
at org.eclipse.equinox.launcher.Main.main(Main.java:1492)
--
You are receiving this mail because:
You are on the CC list for the bug.