[Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-17637/eclipse-wtp

Tue Sep 15 20:00:38 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
35ca0766 by Salvatore Bonaccorso at 2020-09-15T21:00:03+02:00
Update information on CVE-2019-17637/eclipse-wtp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -66440,9 +66440,11 @@ CVE-2019-17638 (In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521,
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=564984
 	NOTE: https://github.com/eclipse/jetty.project/issues/4936
 CVE-2019-17637 (In all versions of Eclipse Web Tools Platform through release 3.18 (20 ...)
-	- eclipse-wtp <unfixed>
+	- eclipse-wtp 3.18-1
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=458571
 	NOTE: http://git.eclipse.org/c/sourceediting/webtools.sourceediting.git/commit/?id=9644d4217cd6e3be367d654a8320104d88ddfd6b
+	NOTE: Issue fixed along when packaging 3.18 upstream version as in the Debian
+	NOTE: source (re)packaging the DTDParser.java and DTDValidator.java were removed.
 CVE-2019-17636 (In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre ...)
 	NOT-FOR-US: Eclipse Theia
 CVE-2019-17635 (Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a dese ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35ca076642a34012cd26db6bd6656170676807f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35ca076642a34012cd26db6bd6656170676807f3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200915/77ec8f5b/attachment.html>
