[ubuntu/natty-security] icedtea-web 1.2-2ubuntu0.11.04.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Jul 31 22:03:35 UTC 2012 

icedtea-web (1.2-2ubuntu0.11.04.2) natty-security; urgency=low

  * SECURITY UPDATE: uninitialized pointer use flaw
    - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
      instance_to_id_map hash and return error if so.
    - CVE-2012-3422
  * SECURITY UPDATE: incorrect handling of non NULL terminated strings
    - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
      NPStrings are NULL terminated.
    - CVE-2012-3423

Date: Sat, 28 Jul 2012 19:30:09 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/icedtea-web/1.2-2ubuntu0.11.04.2
-------------- next part --------------
Format: 1.8
Date: Sat, 28 Jul 2012 19:30:09 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-6-plugin
Architecture: source
Version: 1.2-2ubuntu0.11.04.2
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
 icedtea-plugin - web browser plugin to execute Java applets (dependency package)
 icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Changes: 
 icedtea-web (1.2-2ubuntu0.11.04.2) natty-security; urgency=low
 .
   * SECURITY UPDATE: uninitialized pointer use flaw
     - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
       instance_to_id_map hash and return error if so.
     - CVE-2012-3422
   * SECURITY UPDATE: incorrect handling of non NULL terminated strings
     - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
       NPStrings are NULL terminated.
     - CVE-2012-3423
Checksums-Sha1: 
 c6ba7b39d7b65ac257ccc6ab58e15b4472e45856 2218 icedtea-web_1.2-2ubuntu0.11.04.2.dsc
 d71a97a61fcc0cae60425906b4367b0eace9b07b 25233 icedtea-web_1.2-2ubuntu0.11.04.2.debian.tar.gz
Checksums-Sha256: 
 dbe8e0b1fe1348a4cc1a07661abfcd829c24614608fc401d18b2b4e2050d1c77 2218 icedtea-web_1.2-2ubuntu0.11.04.2.dsc
 8f5457effd4306f178e808eaf3bbc61dac692d4d1140e4032e6f12d9dc92b747 25233 icedtea-web_1.2-2ubuntu0.11.04.2.debian.tar.gz
Files: 
 317549124b46169d22512452f5c6e1dc 2218 java extra icedtea-web_1.2-2ubuntu0.11.04.2.dsc
 6e805d211fe2df771758672232698765 25233 java extra icedtea-web_1.2-2ubuntu0.11.04.2.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

More information about the Natty-changes mailing list