[Security]: IcedTea-Web 1.1.6 and 1.2.1 released!
Deepak Bhole
dbhole at redhat.com
Tue Jul 31 11:31:54 PDT 2012
Hi Everyone,
IcedTea-Web 1.1.6 and 1.2.1 have now been released. In addition to bug fixes,
they include 2 security fixes and it is therefore recommended that everyone
upgrade to this release. The security issues fixed are:
RH840592, CVE-2012-3422: Use of uninitialized instance pointers
RH841345, CVE-2012-3423: Incorrect handling of non 0-terminated strings
Other fixes are listed in the NEWS files:
1.1.6 - http://icedtea.classpath.org/hg/release/icedtea-web-1.1/file/5116ebb94452/NEWS
1.2.1 - http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/afba9cb10cce/NEWS
The following people helped with this release:
Danesh Dadachanji
Adam Domurad
Jiri Vanek
Saad Mohammad
Checksums:
2e330475fdcd1a83b3f411a1aa475d8d45c585842444d20bb9160bed689dc1f1 icedtea-web-1.1.6.tar.gz
134efcd429086a643ba03ec6e4da991527c3e5dfcd6ed6680a83824ad3f0cfd6 icedtea-web-1.2.1.tar.gz
Download links:
http://icedtea.classpath.org/download/source/icedtea-web-1.1.6.tar.gz
http://icedtea.classpath.org/download/source/icedtea-web-1.2.1.tar.gz
After extracting, it can be built as per instructions here:
http://icedtea.classpath.org/wiki/IcedTea-Web#Building_IcedTea-Web
More information about the distro-pkg-dev
mailing list