[jbosstools-issues] [JBoss JIRA] (JBDS-3314) Include JGit security patch

Martin Malina (JIRA) issues at jboss.org
Wed Jan 14 11:46:50 EST 2015 

    [ https://issues.jboss.org/browse/JBDS-3314?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13032526#comment-13032526 ] 

Martin Malina edited comment on JBDS-3314 at 1/14/15 11:46 AM:
---------------------------------------------------------------

I just checked this running JBDS 8.0.1 with the staging update site configured:
https://devstudio.redhat.com/updates/8.0-staging/
This site contains JBDS 8.0.2.
I was then prompted to update new software.
In the update dialog, I could then see the updated jgit and egit in the details (timestamped 20141218).
I wanted to post a screenshot, but unfortunately now I clicked Install and now it's too late to take a screenshot :(
I will need to check again with the new build of JBDS 8.0.2.GA (the current build does not contain all the expected updates - see JBDS-3315 ). Also, I will check for JBoss Tools, too.


was (Author: mmalina):
I just checked this running JBDS 8.0.1 with the staging update site configured:
https://devstudio.redhat.com/updates/8.0-staging/
This site contains JBDS 8.0.2.
I was then prompted to update new software.
In the update dialog, I could then see the updated jgit and egit in the details (timestamped 20141218).
I wanted to post a screenshot, but unfortunately now I clicked Install and now it's too late to take a screenshot :(

> Include JGit security patch
> ---------------------------
>
>                 Key: JBDS-3314
>                 URL: https://issues.jboss.org/browse/JBDS-3314
>             Project: Developer Studio (JBoss Developer Studio)
>          Issue Type: Bug
>          Components: build, target-platform
>    Affects Versions: 8.0.1.GA
>            Reporter: Mickael Istria
>            Assignee: Mickael Istria
>            Priority: Critical
>             Fix For: 8.0.2.GA
>
>
> A vulnerability was announced in most Git clients (including JGit).
> JGit has provided a new version that fixes this vulnerability, and this has been included in a rebuild of Luna SR1. We should include it.
> https://mmilinkov.wordpress.com/2015/01/12/eclipse-ships-luna-sr1a-git-security-release/



--
This message was sent by Atlassian JIRA
(v6.3.11#6341)

More information about the jbosstools-issues mailing list