lp:ubuntu/precise-security/icedtea-web

Created by Ubuntu Package Importer on 2012-07-31 and last modified on 2013-04-23
Get this branch:
bzr branch lp:ubuntu/precise-security/icedtea-web
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

46. By Jamie Strandboge on 2013-04-22

Revert PR1161: X509VariableTrustManager does not work correctly with
OpenJDK7. The fix for PR1161 is needed for IcedTea 2.3.x and not 1.12.
We need to keep this patch reverted as long as we build icedtea-web
against 1.12 (LP: #1171506)

45. By Matthias Klose on 2013-04-17

* IcedTea-Web 1.2.3 release.
* Security Updates:
  - CVE-2013-1927: fixed gifar vulnerability.
  - CVE-2013-1926: Class-loader incorrectly shared for applets with same
    relative-path.
* Common:
  - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7.
* NetX:
  - PR580: http://www.horaoficial.cl/ loads improperly.
* Plugin:
  - PR1157: Applets can hang browser after fatal exception.

44. By Jamie Strandboge on 2012-11-06

* SECURITY UPDATE: Fix denial of service in exception handling
  - debian/patches/icedtea-web-CVE-2012-4540.patch: adjust off by one in
    exception string storage in IcedTeaScriptablePluginObject.cc. Also fix
    two memory leaks.
  - CVE-2012-4540

43. By Steve Beattie on 2012-07-27

* SECURITY UPDATE: uninitialized pointer use flaw
  - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
    instance_to_id_map hash and return error if so.
  - CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
  - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
    NPStrings are NULL terminated.
  - CVE-2012-3423
* debian/control, debian/control.common: add replaces on icedtea-net
  and icedtea-6-plugin for conflicting files in older releases,
  caused by icedtea-web security pocket backport to those releases
  in conjunction with openjdk-6 security backport (LP: #1024708)

42. By Matthias Klose on 2012-04-09

Regenerate the control file.

41. By Matthias Klose on 2012-03-09

Regenerate the control file.

40. By Micah Gersten on 2012-03-05

* Sync on Debian
  - fixes LP: #946119 - icedtea-7-plugin needs openjdk-6-jre
* Regenerate the control file

39. By Thibaud ECAROT on 2012-03-04

debian/PLUGIN7.postinst.in: fix quoting issue LP: #945699

38. By Matthias Klose on 2012-03-03

Regenerate the control file.

37. By Micah Gersten on 2012-02-28

debian/PLUGIN7.postinst.in: Fix quoting issue (LP: #942407)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/icedtea-web
This branch contains Public information 
Everyone can see this information.

Subscribers