Community
Participate
Working Groups
I downloaded eclipse-jee-2019-09-R-macosx-cocoa-x86_64.dmg, and ran my virus scanner (Intego) over it. An Apache Felix-related jar was indicated to contain "Java/CVE-2011-3544.dn" malware. See the screenshot for the jar version.
The handbook contains some help regarding how we handle vulnerabilities. https://www.eclipse.org/projects/handbook/#vulnerability
Callum, there's no screenshot attached. Wayne, all of the bundles I see with "felix" in their ID come from the Platform.