IcedTea-Web 1.0.6 and 1.1.4 (security releases) released
Deepak Bhole
dbhole at redhat.com
Tue Nov 8 08:02:34 PST 2011
IcedTea-Web 1.0.6 and 1.1.4 have been released. These are security fix only
releases and address a security issue classified as having moderate impact.
What's new in 1.0.6 and 1.1.4:
RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass
The following people helped with this release:
Omair Majid
Checksums:
44a770da85fd2e342ab09e065798a07d04601ea51879df4a5e88f804e4f02eba icedtea-web-1.0.6.tar.gz
b17a742af0153b7887cf667a160f8519afad125bc515b0f4783c66e7ee1a7f26 icedtea-web-1.1.4.tar.gz
Download links:
http://icedtea.classpath.org/download/source/icedtea-web-1.0.6.tar.gz
http://icedtea.classpath.org/download/source/icedtea-web-1.1.4.tar.gz
After extracting, it can be built as per instructions here:
http://icedtea.classpath.org/wiki/IcedTea-Web#Building_IcedTea-Web
Cheers,
Deepak
More information about the distro-pkg-dev
mailing list