[ubuntu/quantal] icedtea-web 1.2-2ubuntu3 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Mon Aug 6 02:40:41 UTC 2012 

icedtea-web (1.2-2ubuntu3) quantal; urgency=low

  * SECURITY UPDATE: uninitialized pointer use flaw
    - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
      instance_to_id_map hash and return error if so.
    - CVE-2012-3422
  * SECURITY UPDATE: incorrect handling of non NULL terminated strings
    - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
      NPStrings are NULL terminated.
    - CVE-2012-3423
  * debian/patches/fix-plugin-error-on-chromium.patch: fix plugin
    table initialization to check only that the subset of hooks that
    it uses exists. (LP: #1025553)

Date: Fri, 03 Aug 2012 21:10:50 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Micah Gersten <launchpad at micahscomputing.com>
https://launchpad.net/ubuntu/quantal/+source/icedtea-web/1.2-2ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 03 Aug 2012 21:10:50 -0700
Source: icedtea-web
Binary: icedtea-netx icedtea6-plugin icedtea-plugin icedtea-netx-common icedtea-6-plugin icedtea-7-plugin
Architecture: source
Version: 1.2-2ubuntu3
Distribution: quantal
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 icedtea-6-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 icedtea-7-plugin - web browser plugin based on OpenJDK and IcedTea to execute Java a
 icedtea-netx - NetX - implementation of the Java Network Launching Protocol (JNL
 icedtea-netx-common - NetX - implementation of the Java Network Launching Protocol (JNL
 icedtea-plugin - web browser plugin to execute Java applets (dependency package)
 icedtea6-plugin - web browser plugin to execute Java applets (dependency package)
Launchpad-Bugs-Fixed: 1025553
Changes: 
 icedtea-web (1.2-2ubuntu3) quantal; urgency=low
 .
   * SECURITY UPDATE: uninitialized pointer use flaw
     - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
       instance_to_id_map hash and return error if so.
     - CVE-2012-3422
   * SECURITY UPDATE: incorrect handling of non NULL terminated strings
     - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
       NPStrings are NULL terminated.
     - CVE-2012-3423
   * debian/patches/fix-plugin-error-on-chromium.patch: fix plugin
     table initialization to check only that the subset of hooks that
     it uses exists. (LP: #1025553)
Checksums-Sha1: 
 2c191f15360cbc069838f391208b1ff3442768b3 1777 icedtea-web_1.2-2ubuntu3.dsc
 8363cb912756f1bef2e3ac9b2d3ee78b6d15fa33 28719 icedtea-web_1.2-2ubuntu3.debian.tar.gz
Checksums-Sha256: 
 366a368cfa710a412ac06f7eb396eeaeb5b6d31112fdecdc2edbf1dff3f61e6b 1777 icedtea-web_1.2-2ubuntu3.dsc
 d28eabe0b4b3075fa35e65d593c6b7c5d7df7b8ae272f84eaa7f6fd2b97a7c0d 28719 icedtea-web_1.2-2ubuntu3.debian.tar.gz
Files: 
 513113ad793b8071e06a0b66d53bbf3c 1777 java extra icedtea-web_1.2-2ubuntu3.dsc
 2052269f88c5d4751acb0c74ea4b573b 28719 java extra icedtea-web_1.2-2ubuntu3.debian.tar.gz
Original-Maintainer: OpenJDK Team <openjdk at lists.launchpad.net>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAlAfLaIACgkQTniv4aqX/VkV6QCgifxluk9Yd8MeTJQYZ1zzWy3g
F+4An3jmiusscAkIOoTSczHeydG23X8v
=Rhhv
-----END PGP SIGNATURE-----

More information about the Quantal-changes mailing list