[ubuntu/precise-security] icedtea-web 1.2-2ubuntu1.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Tue Jul 31 22:03:20 UTC 2012
icedtea-web (1.2-2ubuntu1.1) precise-security; urgency=low
* SECURITY UPDATE: uninitialized pointer use flaw
- debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
instance_to_id_map hash and return error if so.
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/control, debian/control.common: add replaces on icedtea-net
and icedtea-6-plugin for conflicting files in older releases,
caused by icedtea-web security pocket backport to those releases
in conjunction with openjdk-6 security backport (LP: #1024708)
Date: Fri, 27 Jul 2012 23:14:25 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/precise/+source/icedtea-web/1.2-2ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Fri, 27 Jul 2012 23:14:25 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-netx-common icedtea-6-plugin icedtea-7-plugin
Architecture: source
Version: 1.2-2ubuntu1.1
Distribution: precise-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
icedtea-7-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
icedtea-netx-common - NetX - implementation of the Java Network Launching Protocol (JNL
icedtea-plugin - web browser plugin to execute Java applets (dependency package)
icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Launchpad-Bugs-Fixed: 1024708
Changes:
icedtea-web (1.2-2ubuntu1.1) precise-security; urgency=low
.
* SECURITY UPDATE: uninitialized pointer use flaw
- debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
instance_to_id_map hash and return error if so.
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/control, debian/control.common: add replaces on icedtea-net
and icedtea-6-plugin for conflicting files in older releases,
caused by icedtea-web security pocket backport to those releases
in conjunction with openjdk-6 security backport (LP: #1024708)
Checksums-Sha1:
5fab467638deb6b46a244901ff9344e68091ee0b 2442 icedtea-web_1.2-2ubuntu1.1.dsc
f5b8bd2fd3dace0e88b857d6cf4faf15907949a6 24845 icedtea-web_1.2-2ubuntu1.1.debian.tar.gz
Checksums-Sha256:
22867e64bee9ad0f81b60502e70cc788f2aa2989bbc8e02aa1d206dfda2516b2 2442 icedtea-web_1.2-2ubuntu1.1.dsc
a41cd5a9a25d22d9f96af063854cb1384251f9e7811397e37eb78b5df0ffe594 24845 icedtea-web_1.2-2ubuntu1.1.debian.tar.gz
Files:
ca7e7014ede96868d63391e6acd71aa4 2442 java extra icedtea-web_1.2-2ubuntu1.1.dsc
a83a3e1f88c53dec4c6418c729f02944 24845 java extra icedtea-web_1.2-2ubuntu1.1.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
More information about the Precise-changes
mailing list