[ubuntu/precise-security] icedtea-web 1.2.3-0ubuntu0.12.04.1 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Thu Apr 18 21:30:29 UTC 2013

icedtea-web (1.2.3-0ubuntu0.12.04.1) precise-security; urgency=low

  * IcedTea-Web 1.2.3 release.
  * Security Updates:
    - CVE-2013-1927: fixed gifar vulnerability.
    - CVE-2013-1926: Class-loader incorrectly shared for applets with same
  * Common:
    - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7.
  * NetX:
    - PR580: http://www.horaoficial.cl/ loads improperly.
  * Plugin:
    - PR1157: Applets can hang browser after fatal exception.

icedtea-web (1.2.2-0ubuntu1) precise-proposed; urgency=low

  * Update to the 1.2.2 bug fix release. LP: #1131479.
    - Includes security fixes uploaded earlier.
    - Bug fixes:
      - PR1106: Buffer overflow in plugin table.
      - PR898: signed applications with big jnlp-file doesn't start (webstart
        affect like "frozen").
      - PR811: javaws is not handling urls with spaces (and other characters
        needing encoding) correctly.
      - S816592: icedtea-web not loading GeoGebra java applets in Firefox
        or Chrome.
      - PR863: Error passing strings to applet methods in Chromium.
      - PR895: IcedTea-Web searches for missing classes on each loadClass
        or findClass.
      - PR518: NPString.utf8characters not guaranteed to be nul-terminated.
      - Disambiguate signed applet security prompt from certificate warning.
  * Search both OpenJDK-6 and OpenJDK-7 when starting itweb-settings.
    LP: #1078424.

Date: 2013-04-17 22:20:22.150749+00:00
Changed-By: Matthias Klose <doko at ubuntu.com>
Signed-By: Jamie Strandboge <jamie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Precise-changes mailing list