[ubuntu/lucid-security] icedtea-web 1.2-2ubuntu0.10.04.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Jul 31 22:03:41 UTC 2012


icedtea-web (1.2-2ubuntu0.10.04.2) lucid-security; urgency=low

  * SECURITY UPDATE: uninitialized pointer use flaw
    - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
      instance_to_id_map hash and return error if so.
    - CVE-2012-3422
  * SECURITY UPDATE: incorrect handling of non NULL terminated strings
    - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
      NPStrings are NULL terminated.
    - CVE-2012-3423

Date: Sat, 28 Jul 2012 19:59:47 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/icedtea-web/1.2-2ubuntu0.10.04.2
-------------- next part --------------
Format: 1.8
Date: Sat, 28 Jul 2012 19:59:47 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-6-plugin
Architecture: source
Version: 1.2-2ubuntu0.10.04.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
 icedtea-plugin - web browser plugin to execute Java applets (dependency package)
 icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Changes: 
 icedtea-web (1.2-2ubuntu0.10.04.2) lucid-security; urgency=low
 .
   * SECURITY UPDATE: uninitialized pointer use flaw
     - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
       instance_to_id_map hash and return error if so.
     - CVE-2012-3422
   * SECURITY UPDATE: incorrect handling of non NULL terminated strings
     - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
       NPStrings are NULL terminated.
     - CVE-2012-3423
Checksums-Sha1: 
 de1d925f7878e2b07a998efcfd54902db9a20ce7 2226 icedtea-web_1.2-2ubuntu0.10.04.2.dsc
 588a3ed69f3e1f29a2f340445fe24134391b343f 24658 icedtea-web_1.2-2ubuntu0.10.04.2.debian.tar.gz
Checksums-Sha256: 
 883186fe5041cdc3a31ef82f07f6ef499641f72e89403920a90991c642f2d1f3 2226 icedtea-web_1.2-2ubuntu0.10.04.2.dsc
 48625cf6312a63f9102e0aed3d4df1bced4df67c1269ff935434c39749e0a2c3 24658 icedtea-web_1.2-2ubuntu0.10.04.2.debian.tar.gz
Files: 
 9aafc73188c550d0e36609d7f19a4218 2226 java extra icedtea-web_1.2-2ubuntu0.10.04.2.dsc
 43b3ecd076ed8678bad4168233d8b6cc 24658 java extra icedtea-web_1.2-2ubuntu0.10.04.2.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>


More information about the Lucid-changes mailing list