Ubuntu

“icedtea-web” 1.2-2ubuntu0.11.10.2 source package in The Oneiric Ocelot

Publishing history

1.2-2ubuntu0.11.10.2
SUPERSEDED: Oneiric pocket Updates in component main and section java
  • Removed from disk on 2012-08-31.
  • Removal requested on 2012-08-30.
  • Superseded on 2012-08-29 by icedtea-web - 1.2-2ubuntu0.11.10.3
  • Published on 2012-07-31
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team
1.2-2ubuntu0.11.10.2
SUPERSEDED: Oneiric pocket Security in component main and section java
  • Removed from disk on 2012-08-31.
  • Removal requested on 2012-08-30.
  • Superseded on 2012-08-29 by icedtea-web - 1.2-2ubuntu0.11.10.3
  • Published on 2012-07-31
  • Copied from ubuntu oneiric in Private PPA for Ubuntu Security Team

Builds

Changelog

icedtea-web (1.2-2ubuntu0.11.10.2) oneiric-security; urgency=low

  * SECURITY UPDATE: uninitialized pointer use flaw
    - debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
      instance_to_id_map hash and return error if so.
    - CVE-2012-3422
  * SECURITY UPDATE: incorrect handling of non NULL terminated strings
    - debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
      NPStrings are NULL terminated.
    - CVE-2012-3423
 -- Steve Beattie <email address hidden>   Sat, 28 Jul 2012 18:58:28 -0700