Mailinglist Archive: opensuse-updates (53 mails)

< Previous Next >
openSUSE-SU-2012:0371-1: moderate: update for icedtea-web
openSUSE Security Update: update for icedtea-web
______________________________________________________________________________

Announcement ID: openSUSE-SU-2012:0371-1
Rating: moderate
References: #729870 #737105 #746895
Cross-References: CVE-2011-3377
Affected Products:
openSUSE 12.1
______________________________________________________________________________

An update that solves one vulnerability and has two fixes
is now available.

Description:

- update to 1.2
- New features:
* Signed JNLP support
* Support for client authentication certificates
* Cache size enforcement now supported via itweb-settings
* Applet parameter passing through JNLP files now supported
* Better icons for access warning dialog
* Security Dialog UI revamped to make it look less
threatening when appropriate
- Fixes (plugin, webstart, common)
* PR618: Can't install OpenDJ, JavaWebStart fails with
Input stream is null error
* PR765: JNLP file with all resource jars marked as 'lazy'
fails to validate signature and stops the launch of
application
* PR788: Elluminate Live! is not working
* PR804: javaws launcher incorrectly handles file names
with spaces
* PR820, bnc#746895: IcedTea-Web 1.1.3 crashing Firefox
when loading Citrix XenApp
* PR838: IcedTea plugin crashes with chrome browser when
javascript is executed
* PR852: Classloader not being flushed after last applet
from a site is closed
* RH586194: Unable to connect to connect with Juniper VPN
client
* PR771: IcedTea-Web certificate verification code does
not use the right API
* PR742: IcedTea-Web checks certs only upto 1 level deep
before declaring them untrusted.
* PR789: typo in jrunscript.sh
* PR808: javaws is unable to start, when missing jars are
enumerated before main jar
* RH738814: Access denied at ssl handshake
* Support for authenticating using client certificates
- fix bnc#737105/FATE#313084: add Supplements:
packageand(broswer(npapi):java-openjdk) ensures the web
plugin is pulled in when openjdk and capable browser is
installed

- enable make check in respective section

- update to 1.1.4 (fixes bnc#729870)
- RH742515, CVE-2011-3377: IcedTea-Web: second-level
domain subdomains and suffix domain SOP bypass
- PR778: Jar download and server certificate verification
deadlock


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 12.1:

zypper in -t patch openSUSE-2012-163

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 12.1 (i586 x86_64):

icedtea-web-1.2-3.1
icedtea-web-debuginfo-1.2-3.1
icedtea-web-debugsource-1.2-3.1

- openSUSE 12.1 (noarch):

icedtea-web-javadoc-1.2-3.1


References:

http://support.novell.com/security/cve/CVE-2011-3377.html
https://bugzilla.novell.com/729870
https://bugzilla.novell.com/737105
https://bugzilla.novell.com/746895


< Previous Next >
This Thread
  • No further messages