Bug#686934: unblock: icedtea-web/1.3-2

Fri, 07 Sep 2012 04:09:20 -0700 

Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: unblock
Severity: normal

reasons for the unblock

 - security fixes
 - hardened build
 - RC bug fix #681269

complete changelog:

icedtea-web (1.3-2) unstable; urgency=high

  * Configure with --disable-docs (the developer docs aren't shipped
    anyway). Works around the build failure on s390.

 -- Matthias Klose <d...@ubuntu.com>  Thu, 06 Sep 2012 23:03:51 +0200

icedtea-web (1.3-1) unstable; urgency=high

  * IcedTea-Web 1.3 release.
  * Security updates:
    - CVE-2012-3422: Potential read from an uninitialized memory location.
    - CVE-2012-3423: Incorrect handling of not 0-terminated strings.
  * NetX fixes:
    - PR898: signed applications with big jnlp-file doesn't start (webstart
      affect like "frozen").
    - PR811: javaws is not handling urls with spaces (and other characters
      needing encoding) correctly.
  * Plugin fixes:
    - PR820: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp.
    - PR863: Error passing strings to applet methods in Chromium.
    - PR895: IcedTea-Web searches for missing classes on each loadClass or
      findClass.
    - PR861: Allow loading from non codebase hosts. Allow code to connect
      to hosting server.
    - PR518: NPString.utf8characters not guaranteed to be nul-terminated.
    - PR722: META-INF/ unsigned entries should be ignored in signing.
    - PR855: AppletStub getDocumentBase() doesn't return full URL.
    - PR1011: Folders treated as jar files in archive tag.
    - PR1106: Buffer overflow in plugin table.
    - PR975: Plugin should not include classpaths specified in jar manifests
      when using jnlp_href.
    - PR588: Cookies not written from cookie jar to browser cookies.
  * Common fixes:
    - PR918: java applet windows uses a low resulution black/white icon.
    - Disambiguate signed applet security prompt from certificate warning.
    - PR955: regression: SweetHome3D fails to run.

  * For Ubuntu quantal, set priorities for alternatives higher than for
    OpenJDK 6.
  * Call update-alternatives when the existing priority for the alternative
    is lower than the current one.
  * icedtea-netx: Don't set the alternatives to a OpenJDK which is not
    installed. Closes: #681269.
  * Allow building the plugin for OpenJDK 6 using OpenJDK 7.
  * Build with hardening defaults.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to