/hg/icedtea-web: 2 new changesets
dbhole at icedtea.classpath.org
Tue Feb 15 14:06:10 PST 2011
changeset 5cb73fdbe246 in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=5cb73fdbe246
author: Deepak Bhole <dbhole at redhat.com>
date: Tue Feb 15 17:02:05 2011 -0500
Fix S6983554, CVE-2010-4450: Launcher incorrect processing of empty
library path entries
changeset 2289777074ae in /hg/icedtea-web
details: http://icedtea.classpath.org/hg/icedtea-web?cmd=changeset;node=2289777074ae
author: Deepak Bhole <dbhole at redhat.com>
date: Tue Feb 15 17:03:09 2011 -0500
Fixed RH677332, CVE-2011-0706: IcedTea multiple signers privilege
escalation
diffstat:
4 files changed, 26 insertions(+), 2 deletions(-)
ChangeLog | 15 +++++++++++++++
NEWS | 3 +++
launcher/java_md.c | 2 +-
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 8 +++++++-
diffs (70 lines):
diff -r cd1eda4f0d97 -r 2289777074ae ChangeLog
--- a/ChangeLog Tue Feb 15 11:01:01 2011 -0500
+++ b/ChangeLog Tue Feb 15 17:03:09 2011 -0500
@@ -9,6 +9,21 @@ 2011-02-15 Omair Majid <omajid at redhat.
* plugin/icedteanp/java/sun/applet/PluginProxySelector.java
(TimedHashMap): Moved to...
* netx/net/sourceforge/jnlp/util/TimedHashMap.java: New file.
+
+2011-02-11 Omair Majid <omajid at redhat.com>
+
+ RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
+ * NEWS: Updated.
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
+ (initializeResources): Assign appropriate security descriptor based on
+ code signing.
+
+2011-02-11 Deepak Bhole <dbhole at redhat.com>
+
+ Fix S6983554, CVE-2010-4450: Launcher incorrect processing of empty
+ library path entries
+ * NEWS: Updated.
+ * launcher/java_md.c: Ignore empty LD_LIBRARY_PATH.
2011-02-11 Omair Majid <omajid at redhat.com>
diff -r cd1eda4f0d97 -r 2289777074ae NEWS
--- a/NEWS Tue Feb 15 11:01:01 2011 -0500
+++ b/NEWS Tue Feb 15 17:03:09 2011 -0500
@@ -9,6 +9,9 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
New in release 1.1 (2011-XX-XX):
+* Security updates
+ - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
+ - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
* NetX
- Use Firefox's proxy settings if possible
- RH669942: javaws fails to download version/packed files (missing support for jnlp.packEnabled and jnlp.versionEnabled)
diff -r cd1eda4f0d97 -r 2289777074ae launcher/java_md.c
--- a/launcher/java_md.c Tue Feb 15 11:01:01 2011 -0500
+++ b/launcher/java_md.c Tue Feb 15 17:03:09 2011 -0500
@@ -484,7 +484,7 @@ CreateExecutionEnvironment(int *_argcp,
* LD_LIBRARY_PATH. Note that this prevents any possible infinite
* loop of execv() because we test for the prefix, above.
*/
- if (runpath != 0) {
+ if (runpath != 0 && (runpath[0] != '\0')) {
strcat(new_runpath, ":");
strcat(new_runpath, runpath);
}
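Review bot: the new `runpath[0] != '\0'` test only rejects a wholly empty LD_LIBRARY_PATH; a value such as `:` or `/lib::/usr/lib` still carries empty elements through the two strcat calls into new_runpath, and the dynamic loader treats an empty path element as the current working directory. If the aim is to drop every empty entry rather than only the empty variable, split runpath on ':' and re-join it without the empty pieces before appending. Separately, neither `strcat(new_runpath, ":")` nor `strcat(new_runpath, runpath)` is preceded by a visible length check on new_runpath; confirm the buffer is sized for the full runpath or use a bounded append.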
diff -r cd1eda4f0d97 -r 2289777074ae netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Feb 15 11:01:01 2011 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Feb 15 17:03:09 2011 -0500
@@ -481,9 +481,15 @@ public class JNLPClassLoader extends URL
codebase = file.getResources().getMainJAR().getLocation();
}
- jarSecurity = new SecurityDesc(file,
+ if (signing) {
+ jarSecurity = new SecurityDesc(file,
SecurityDesc.ALL_PERMISSIONS,
codebase.getHost());
+ } else {
+ jarSecurity = new SecurityDesc(file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebase.getHost());
+ }
}
jarLocationSecurityMap.put(location, jarSecurity);
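Review bot: the context lines `SecurityDesc.ALL_PERMISSIONS,` and `codebase.getHost());` kept their old indentation and now sit one level shallower than the `jarSecurity = new SecurityDesc(file,` they continue inside the new `if (signing)` block; either re-indent them or collapse the two branches into a single constructor call with `signing ? SecurityDesc.ALL_PERMISSIONS : SecurityDesc.SANDBOX_PERMISSIONS` as the permission argument, since the file and host arguments are identical in both branches. The hunk shows `signing` being consulted but not how it is computed; for a fix described as addressing multiple signers, the check to verify is that `signing` ends up false whenever any jar in the resource set is unsigned or signed by a signer the user has not trusted, otherwise the else branch never fires for a mixed set.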
More information about the distro-pkg-dev mailing list