[ubuntu/quantal] icedtea-web 1.2-2ubuntu3 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Mon Aug 6 02:40:41 UTC 2012
icedtea-web (1.2-2ubuntu3) quantal; urgency=low
* SECURITY UPDATE: uninitialized pointer use flaw
- debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
instance_to_id_map hash and return error if so.
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/patches/fix-plugin-error-on-chromium.patch: fix plugin
table initialization to check only that the subset of hooks that
it uses exists. (LP: #1025553)
Date: Fri, 03 Aug 2012 21:10:50 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Micah Gersten <launchpad at micahscomputing.com>
https://launchpad.net/ubuntu/quantal/+source/icedtea-web/1.2-2ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 03 Aug 2012 21:10:50 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-netx-common icedtea-6-plugin icedtea-7-plugin
Architecture: source
Version: 1.2-2ubuntu3
Distribution: quantal
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
icedtea-7-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
icedtea-netx-common - NetX - implementation of the Java Network Launching Protocol (JNL
icedtea-plugin - web browser plugin to execute Java applets (dependency package)
icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Launchpad-Bugs-Fixed: 1025553
Changes:
icedtea-web (1.2-2ubuntu3) quantal; urgency=low
.
* SECURITY UPDATE: uninitialized pointer use flaw
- debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
instance_to_id_map hash and return error if so.
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/patches/fix-plugin-error-on-chromium.patch: fix plugin
table initialization to check only that the subset of hooks that
it uses exists. (LP: #1025553)
Checksums-Sha1:
2c191f15360cbc069838f391208b1ff3442768b3 1777 icedtea-web_1.2-2ubuntu3.dsc
8363cb912756f1bef2e3ac9b2d3ee78b6d15fa33 28719 icedtea-web_1.2-2ubuntu3.debian.tar.gz
Checksums-Sha256:
366a368cfa710a412ac06f7eb396eeaeb5b6d31112fdecdc2edbf1dff3f61e6b 1777 icedtea-web_1.2-2ubuntu3.dsc
d28eabe0b4b3075fa35e65d593c6b7c5d7df7b8ae272f84eaa7f6fd2b97a7c0d 28719 icedtea-web_1.2-2ubuntu3.debian.tar.gz
Files:
513113ad793b8071e06a0b66d53bbf3c 1777 java extra icedtea-web_1.2-2ubuntu3.dsc
2052269f88c5d4751acb0c74ea4b573b 28719 java extra icedtea-web_1.2-2ubuntu3.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAlAfLaIACgkQTniv4aqX/VkV6QCgifxluk9Yd8MeTJQYZ1zzWy3g
F+4An3jmiusscAkIOoTSczHeydG23X8v
=Rhhv
-----END PGP SIGNATURE-----
More information about the Quantal-changes
mailing list