[SECURITY] Fedora 15 Update: icedtea-web-1.0.4-1.fc15

updates at fedoraproject.org updates at fedoraproject.org
Fri Jul 22 19:33:36 UTC 2011


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-9541
2011-07-22 19:05:47
--------------------------------------------------------------------------------

Name        : icedtea-web
Product     : Fedora 15
Version     : 1.0.4
Release     : 1.fc15
URL         : http://icedtea.classpath.org/wiki/IcedTea-Web
Summary     : Additional Java components for OpenJDK
Description :
The IcedTea-Web project provides a Java web browser plugin, an implementation
of Java Web Start (originally based on the Netx project) and a settings tool to
manage deployment settings for the aforementioned plugin and Web Start
implementations.

--------------------------------------------------------------------------------
Update Information:

This security fix that addresses the following issues:

- RH718164: Home directory path disclosure to untrusted applications
- RH718170: Java Web Start security warning dialog manipulation
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jul 20 2011 Deepak Bhole <dbhole at redhat.com> 1.0.4-1
- Bump to 1.0.4
- Fixed rhbz#718164: Home directory path disclosure to untrusted applications
- Fixed rhbz#718170: Java Web Start security warning dialog manipulation
* Mon Jun 13 2011 Deepak Bhole <dbhole at redhat.com> 1.0.3-1
- Update to 1.0.3
- Resolves: rhbz#691259
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #718164 - CVE-2011-2513 icedtea, icedtea-web: home directory path disclosure to untrusted applications
        https://bugzilla.redhat.com/show_bug.cgi?id=718164
  [ 2 ] Bug #718170 - CVE-2011-2514 icedtea-web: Java Web Start security warning dialog manipulation
        https://bugzilla.redhat.com/show_bug.cgi?id=718170
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update icedtea-web' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list