/hg/release/icedtea-web-1.0: 5 new changesets
dbhole at icedtea.classpath.org
Tue Feb 15 14:06:17 PST 2011
changeset af8d359d6daa in /hg/release/icedtea-web-1.0
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=af8d359d6daa
author: Deepak Bhole <dbhole at redhat.com>
date: Mon Feb 14 13:59:55 2011 -0500
Fixed S6983554, CVE-2010-4450: Launcher incorrect processing of
empty library path entries
changeset 9199a6ec1f0c in /hg/release/icedtea-web-1.0
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=9199a6ec1f0c
author: Deepak Bhole <dbhole at redhat.com>
date: Mon Feb 14 14:00:58 2011 -0500
Fixed RH677332, CVE-2011-0706: IcedTea multiple signers privilege
escalation
changeset 6af7ac54a177 in /hg/release/icedtea-web-1.0
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=6af7ac54a177
author: Deepak Bhole <dbhole at redhat.com>
date: Mon Feb 14 14:02:06 2011 -0500
2011-02-14 Deepak Bhole <dbhole at redhat.com>
* NEWS: Update for 1.0.1 release.
* configure.ac: Bump to 1.0.1
changeset 5f2232150387 in /hg/release/icedtea-web-1.0
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=5f2232150387
author: Deepak Bhole <dbhole at redhat.com>
date: Tue Feb 15 17:05:03 2011 -0500
Added tag icedtea-web-1.0.1 for changeset 6af7ac54a177
changeset a7550fb352c5 in /hg/release/icedtea-web-1.0
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=a7550fb352c5
author: Deepak Bhole <dbhole at redhat.com>
date: Tue Feb 15 17:06:34 2011 -0500
Prepare for 1.0.2
2011-02-11 Deepak Bhole <dbhole at redhat.com>
* NEWS: Add 1.0.2
* configure.ac: Bump to 1.0.2pre.
diffstat:
6 files changed, 42 insertions(+), 4 deletions(-)
.hgtags | 1
ChangeLog | 25 ++++++++++++++++
NEWS | 8 ++++-
configure.ac | 2 -
launcher/java_md.c | 2 -
netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java | 8 ++++-
diffs (98 lines):
diff -r cc8c67ed615e -r a7550fb352c5 .hgtags
--- a/.hgtags Thu Feb 10 11:19:53 2011 -0500
+++ b/.hgtags Tue Feb 15 17:06:34 2011 -0500
@@ -1,2 +1,3 @@ 692d7e5b31039156aff1600fd7f5034fead2f258
692d7e5b31039156aff1600fd7f5034fead2f258 icedtea-web-1.0-branch
3973cfa679272d5057f2a1527483796964a1de6c icedtea-web-1.0
+6af7ac54a177bf31d335ce4a58f6c7abcbd0333c icedtea-web-1.0.1
diff -r cc8c67ed615e -r a7550fb352c5 ChangeLog
--- a/ChangeLog Thu Feb 10 11:19:53 2011 -0500
+++ b/ChangeLog Tue Feb 15 17:06:34 2011 -0500
@@ -1,3 +1,28 @@ 2011-02-10 Deepak Bhole <dbhole at redhat.
+2011-02-11 Deepak Bhole <dbhole at redhat.com>
+
+ * NEWS: Add 1.0.2
+ * configure.ac: Bump to 1.0.2pre.
+
+2011-02-14 Deepak Bhole <dbhole at redhat.com>
+
+ * NEWS: Update for 1.0.1 release.
+ * configure.ac: Bump to 1.0.1
+
+2011-02-11 Omair Majid <omajid at redhat.com>
+
+ RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
+ * NEWS: Updated.
+ * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
+ (initializeResources): Assign appropriate security descriptor based on
+ code signing.
+
+2011-02-11 Deepak Bhole <dbhole at redhat.com>
+
+ Fix S6983554, CVE-2010-4450: Launcher incorrect processing of empty
+ library path entries
+ * NEWS: Updated.
+ * launcher/java_md.c: Ignore empty LD_LIBRARY_PATH.
+
2011-02-10 Deepak Bhole <dbhole at redhat.com>
* netx/net/sourceforge/jnlp/runtime/JNLPRuntime.java (initialize):
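Review bot: The new top entry, "2011-02-11 Deepak Bhole" with "NEWS: Add 1.0.2" and "configure.ac: Bump to 1.0.2pre.", carries an earlier date than the 2011-02-14 entry directly beneath it, while the changeset that prepares 1.0.2 is dated Tue Feb 15 2011. The rest of the file is newest-first, so the entry should be dated 2011-02-15 to match the commit and keep the ordering consistent.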
diff -r cc8c67ed615e -r a7550fb352c5 NEWS
--- a/NEWS Thu Feb 10 11:19:53 2011 -0500
+++ b/NEWS Tue Feb 15 17:06:34 2011 -0500
@@ -8,7 +8,13 @@ GX - http://bugs.gentoo.org/show_bug.cg
CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
-New in release 1.0.1 (2011-XX-XX):
+New in release 1.0.2 (2011-XX-XX):
+
+New in release 1.0.1 (2011-02-15):
+
+* Security updates
+ - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
+ - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
New in release 1.0 (2011-02-02):
diff -r cc8c67ed615e -r a7550fb352c5 configure.ac
--- a/configure.ac Thu Feb 10 11:19:53 2011 -0500
+++ b/configure.ac Tue Feb 15 17:06:34 2011 -0500
@@ -1,4 +1,4 @@ AC_INIT([icedtea-web],[1.0.1pre],[distro
-AC_INIT([icedtea-web],[1.0.1pre],[distro-pkg-dev at openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web])
+AC_INIT([icedtea-web],[1.0.2pre],[distro-pkg-dev at openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web])
AM_INIT_AUTOMAKE([1.9 tar-pax foreign])
AC_CONFIG_FILES([Makefile])
diff -r cc8c67ed615e -r a7550fb352c5 launcher/java_md.c
--- a/launcher/java_md.c Thu Feb 10 11:19:53 2011 -0500
+++ b/launcher/java_md.c Tue Feb 15 17:06:34 2011 -0500
@@ -484,7 +484,7 @@ CreateExecutionEnvironment(int *_argcp,
* LD_LIBRARY_PATH. Note that this prevents any possible infinite
* loop of execv() because we test for the prefix, above.
*/
- if (runpath != 0) {
+ if (runpath != 0 && (runpath[0] != '\0')) {
strcat(new_runpath, ":");
strcat(new_runpath, runpath);
}
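Review bot: The added test `runpath[0] != '\0'` only skips a value that is empty as a whole; a runpath with a leading or trailing ':' or an embedded '::' still goes through `strcat(new_runpath, runpath)` unchanged, and those are empty library path entries as well, which the dynamic linker resolves to the current directory. Since the ChangeLog describes this fix as "Ignore empty LD_LIBRARY_PATH" while the bug title is about empty entries, consider dropping empty components from runpath before appending it, and extend the comment above the test to say why an empty value must not be appended after the ":".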
diff -r cc8c67ed615e -r a7550fb352c5 netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Thu Feb 10 11:19:53 2011 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java Tue Feb 15 17:06:34 2011 -0500
@@ -479,9 +479,15 @@ public class JNLPClassLoader extends URL
codebase = file.getResources().getMainJAR().getLocation();
}
- jarSecurity = new SecurityDesc(file,
+ if (signing) {
+ jarSecurity = new SecurityDesc(file,
SecurityDesc.ALL_PERMISSIONS,
codebase.getHost());
+ } else {
+ jarSecurity = new SecurityDesc(file,
+ SecurityDesc.SANDBOX_PERMISSIONS,
+ codebase.getHost());
+ }
}
jarLocationSecurityMap.put(location, jarSecurity);
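Review bot: The `if (signing)` test selects ALL_PERMISSIONS or SANDBOX_PERMISSIONS, but the result is stored per jar by `jarLocationSecurityMap.put(location, jarSecurity)`, and the hunk does not show where `signing` is set. Please confirm that the flag reflects the signature state of the jar at `location` rather than of the application as a whole, given that the bug is titled as a multiple signers privilege escalation, and add a comment saying so. The two `new SecurityDesc(file, ...)` calls differ only in the permission constant, so choosing the constant first and constructing once would remove the duplication and make the sandbox default easier to see.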