[ubuntu/oneiric-security] icedtea-web 1.2-2ubuntu0.11.10.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Tue Jul 31 22:03:28 UTC 2012 

icedtea-web (1.2-2ubuntu0.11.10.2) oneiric-security; urgency=low

  * SECURITY UPDATE: uninitialized pointer use flaw
    - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
      instance_to_id_map hash and return error if so.
    - CVE-2012-3422
  * SECURITY UPDATE: incorrect handling of non NULL terminated strings
    - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
      NPStrings are NULL terminated.
    - CVE-2012-3423

Date: Sat, 28 Jul 2012 18:58:28 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/oneiric/+source/icedtea-web/1.2-2ubuntu0.11.10.2
-------------- next part --------------
Format: 1.8
Date: Sat, 28 Jul 2012 18:58:28 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-6-plugin
Architecture: source
Version: 1.2-2ubuntu0.11.10.2
Distribution: oneiric-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
 icedtea-plugin - web browser plugin to execute Java applets (dependency package)
 icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Changes: 
 icedtea-web (1.2-2ubuntu0.11.10.2) oneiric-security; urgency=low
 .
   * SECURITY UPDATE: uninitialized pointer use flaw
     - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
       instance_to_id_map hash and return error if so.
     - CVE-2012-3422
   * SECURITY UPDATE: incorrect handling of non NULL terminated strings
     - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
       NPStrings are NULL terminated.
     - CVE-2012-3423
Checksums-Sha1: 
 f55e91993080d041c96a6423d51b228c15c15457 2218 icedtea-web_1.2-2ubuntu0.11.10.2.dsc
 cb42c5196dc9d9a6543897c942e0ebed3ff46c8e 25234 icedtea-web_1.2-2ubuntu0.11.10.2.debian.tar.gz
Checksums-Sha256: 
 b118c1fd821f5faf89654b012f4e3d5d843972580139f14d8929ae8517f5e7cc 2218 icedtea-web_1.2-2ubuntu0.11.10.2.dsc
 095205a1e31b58bab983967ad50f2937b25b0201378f9c79041a56edb1f4a786 25234 icedtea-web_1.2-2ubuntu0.11.10.2.debian.tar.gz
Files: 
 5cda64626c50babce0066f319cd0dcdb 2218 java extra icedtea-web_1.2-2ubuntu0.11.10.2.dsc
 5c3a0f6289e4ea285bb4c0c1e07e6734 25234 java extra icedtea-web_1.2-2ubuntu0.11.10.2.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

More information about the Oneiric-changes mailing list