SUSE-SU-2024:1304-1

Published: 16 Apr 2024
Source: suse-cvrf

Description

Security update for eclipse, maven-surefire, tycho

This update for eclipse, maven-surefire, tycho fixes the following issues:

eclipse received the following security fix:

  • CVE-2023-4218: Fixed a bug where parsing files with XML content leads to XXE attacks. (bsc#1216992)

maven-surefire was updated from version 2.22.0 to 2.22.2:

  • Changes in version 2.22.2:

    • Bugs fixed:

      • Fixed: a JUnit Runner that writes to System.out corrupts Surefire’s STDOUT when using JUnit’s Vintage Engine
  • Changes in version 2.22.1:

    • Bugs fixed:

      • Fixed Surefire unable to run testng suites in parallel
      • Fixed Git wrongly considering PNG files as changed when there is no change
      • Fixed the surefire XSD published on maven site lacking of some rerun element
      • Fixed XML Report elements rerunError, rerunFailure, flakyFailure, flakyError
      • Fixed overriding platform version through project/plugin dependencies
      • Fixed mixed up characters in standard output
      • Logs in Parallel Tests are mixed up when forkMode=never or forkCount=0
      • MIME type for javascript is now officially application/javascript
    • Improvements:

      • Elapsed time in XML Report should satisfy pattern in XSD.
      • Fix old test resources TEST-*.xml in favor of continuing with SUREFIRE-1550
      • Nil element “failureMessage” in failsafe-summary.xml should have self closed tag
      • Removed obsolete module surefire-setup-integration-tests
      • Support Java 11
      • Surefire should support parameterized reportsDirectory
    • Dependency upgrades:

      • Upgraded maven-plugins parent to version 32
      • Upgraded maven-plugins parent to version 33

tycho received the following bug fixes:

  • Fixed build against maven-surefire 2.22.1 and newer
  • Fixed build against newer plexus-compiler
  • Fixed issues with plexus-archiver 4.4.0 and newer
  • Explicitly require artifacts that will no longer be required automatically

Package list

SUSE Enterprise Storage 7.1
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Module for Development Tools 15 SP5
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Module for Package Hub 15 SP5
eclipse-contributor-tools-4.15-150200.4.16.4
eclipse-emf-core-2.22.0-150200.4.9.3
eclipse-emf-core-bootstrap-2.22.0-150200.4.9.3
eclipse-equinox-osgi-4.15-150200.4.16.4
eclipse-equinox-osgi-bootstrap-4.15-150200.4.16.5
eclipse-pde-4.15-150200.4.16.4
eclipse-pde-bootstrap-4.15-150200.4.16.5
eclipse-platform-4.15-150200.4.16.4
eclipse-platform-bootstrap-4.15-150200.4.16.5
eclipse-swt-4.15-150200.4.16.4
eclipse-swt-bootstrap-4.15-150200.4.16.5
SUSE Linux Enterprise Server 15 SP2-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Server 15 SP3-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Server 15 SP4-LTSS
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
openSUSE Leap 15.5
eclipse-contributor-tools-4.15-150200.4.16.4
eclipse-emf-core-2.22.0-150200.4.9.3
eclipse-emf-core-bootstrap-2.22.0-150200.4.9.3
eclipse-emf-runtime-2.22.0-150200.4.9.3
eclipse-emf-sdk-2.22.0-150200.4.9.3
eclipse-emf-xsd-2.22.0-150200.4.9.3
eclipse-equinox-osgi-4.15-150200.4.16.4
eclipse-equinox-osgi-bootstrap-4.15-150200.4.16.5
eclipse-jdt-4.15-150200.4.16.4
eclipse-jdt-bootstrap-4.15-150200.4.16.5
eclipse-p2-discovery-4.15-150200.4.16.4
eclipse-p2-discovery-bootstrap-4.15-150200.4.16.5
eclipse-pde-4.15-150200.4.16.4
eclipse-pde-bootstrap-4.15-150200.4.16.5
eclipse-platform-4.15-150200.4.16.4
eclipse-platform-bootstrap-4.15-150200.4.16.5
eclipse-swt-4.15-150200.4.16.4
eclipse-swt-bootstrap-4.15-150200.4.16.5
maven-failsafe-plugin-2.22.2-150200.3.9.9.1
maven-failsafe-plugin-bootstrap-2.22.2-150200.3.9.9.1
maven-surefire-2.22.2-150200.3.9.9.1
maven-surefire-javadoc-2.22.2-150200.3.9.9.1
maven-surefire-plugin-2.22.2-150200.3.9.9.1
maven-surefire-plugin-bootstrap-2.22.2-150200.3.9.9.1
maven-surefire-plugins-javadoc-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit5-2.22.2-150200.3.9.9.1
maven-surefire-provider-junit5-javadoc-2.22.2-150200.3.9.9.1
maven-surefire-provider-testng-2.22.2-150200.3.9.9.1
maven-surefire-report-parser-2.22.2-150200.3.9.9.1
maven-surefire-report-plugin-2.22.2-150200.3.9.9.1
maven-surefire-report-plugin-bootstrap-2.22.2-150200.3.9.9.1
tycho-1.6.0-150200.4.9.5
tycho-bootstrap-1.6.0-150200.4.9.2
tycho-javadoc-1.6.0-150200.4.9.5

Description

In Eclipse IDE versions < 2023-09 (4.29), some files with XML content are parsed in a way that is vulnerable to all sorts of XXE attacks. The user only needs to open any malicious project or update an open project with a vulnerable file (for example, to review a foreign repository or patch).

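The class of bug behind CVE-2023-4218 is an XML parser that accepts a DOCTYPE and resolves external entities declared in it. The following is an added Java example, not Eclipse's or SUSE's own code and not the actual patch, showing the difference between a default JAXP `DocumentBuilderFactory` and one hardened with the standard Xerces/JAXP feature flags that ship with the JDK. The sample XML, the class name `XxeHardening` and the `file:///placeholder/...` URI are constructed for the example; the feature URIs themselves are the real JDK identifiers.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;

/** Added example (not Eclipse or SUSE code): hardening a JAXP DOM parser against XXE. */
public class XxeHardening {

    // Constructed sample input: a project-style XML file that declares an external
    // entity. The SYSTEM URI is a placeholder and is not expected to exist.
    static final String CONSTRUCTED_PROJECT_XML =
            "<?xml version=\"1.0\"?>\n"
            + "<!DOCTYPE project [\n"
            + "  <!ENTITY ext SYSTEM \"file:///placeholder/does-not-exist\">\n"
            + "]>\n"
            + "<project><name>&ext;</name></project>";

    /** Default JAXP factory: the DOCTYPE is accepted and external entities are resolved. */
    static DocumentBuilderFactory defaultFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    /** Hardened factory: reject any DOCTYPE, and additionally disable entity loading. */
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // Primary control: refuse the DOCTYPE declaration, so no entity can be declared at all.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth for deployments that must keep DTD support enabled.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f;
    }

    /**
     * Parses xml with the given factory and returns a one-line outcome: the text of
     * <name> on success, or the exception class and message on failure.
     */
    static String tryParse(DocumentBuilderFactory f, String xml) {
        try {
            DocumentBuilder b = f.newDocumentBuilder();
            Document d = b.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
            String name = d.getElementsByTagName("name").item(0).getTextContent();
            return "parsed, name=\"" + name + "\"";
        } catch (Exception e) {
            return "rejected: " + e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        // The default factory gets as far as trying to open the SYSTEM URI (a
        // FileNotFoundException here; with an existing path the file's contents
        // would have been expanded into <name>).
        System.out.println("default : " + tryParse(defaultFactory(), CONSTRUCTED_PROJECT_XML));
        // The hardened factory fails fast on the DOCTYPE line, before any entity is touched.
        System.out.println("hardened: " + tryParse(hardenedFactory(), CONSTRUCTED_PROJECT_XML));
    }
}
```

Compile and run with `javac XxeHardening.java && java XxeHardening`. The useful check for a defender is that the hardened parser rejects the document at the DOCTYPE, i.e. before any I/O is attempted; the extra feature flags only matter for code paths that must keep DTDs enabled.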
Affected products
SUSE Enterprise Storage 7.1:maven-surefire-2.22.2-150200.3.9.9.1
SUSE Enterprise Storage 7.1:maven-surefire-plugin-2.22.2-150200.3.9.9.1
SUSE Enterprise Storage 7.1:maven-surefire-provider-junit-2.22.2-150200.3.9.9.1
SUSE Enterprise Storage 7.1:maven-surefire-provider-testng-2.22.2-150200.3.9.9.1

References
Vulnerability SUSE-SU-2024:1304-1