[Security][PATCH]: IcedTea-Web 1.1.6 and 1.2.1 released!

Michal Vyskocil mvyskocil at suse.cz
Thu Aug 2 02:28:26 PDT 2012


On Tue, Jul 31, 2012 at 02:31:54PM -0400, Deepak Bhole wrote:
> Hi Everyone,
> 
> IcedTea-Web 1.1.6 and 1.2.1 have now been released. In addition to bug fixes,
> they include 2 security fixes and it is therefore recommended that everyone
> upgrade to this release. The security issues fixed are:
> 
> RH840592, CVE-2012-3422: Use of uninitialized instance pointers
> RH841345, CVE-2012-3423: Incorrect handling of non 0-terminated strings
> 
> Other fixes are listed in the NEWS files:
> 1.1.6 - http://icedtea.classpath.org/hg/release/icedtea-web-1.1/file/5116ebb94452/NEWS
> 1.2.1 - http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/afba9cb10cce/NEWS

It does not build for older xulrunner, because of a typo, attaching
  simple patch

Regards
Michal Vyskocil
-------------- next part --------------
A non-text attachment was scrubbed...
Name: icetea-web-1.2.1-old-xulrunner-typo.patch
Type: text/x-patch
Size: 727 bytes
Desc: not available
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120802/7df6e185/icetea-web-1.2.1-old-xulrunner-typo.patch 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
Url : http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20120802/7df6e185/attachment.bin 


More information about the distro-pkg-dev mailing list