[SECURITY] Fedora 19 Update: icedtea-web-1.4.1-0.fc19

updates at fedoraproject.org updates at fedoraproject.org
Fri Sep 20 16:28:29 UTC 2013 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-17026
2013-09-18 11:40:55
--------------------------------------------------------------------------------

Name        : icedtea-web
Product     : Fedora 19
Version     : 1.4.1
Release     : 0.fc19
URL         : http://icedtea.classpath.org/wiki/IcedTea-Web
Summary     : Additional Java components for OpenJDK - Java browser plug-in and Web Start implementation
Description :
The IcedTea-Web project provides a Java web browser plugin, an implementation
of Java Web Start (originally based on the Netx project) and a settings tool to
manage deployment settings for the aforementioned plugin and Web Start
implementations.

--------------------------------------------------------------------------------
Update Information:

Updated to icedtea-web 1.4.1
New in release 1.4.1 (2013-XX-YY):
* Improved and cleaned Temporary internet files panel
* PR1465 - java.io.FileNotFoundException while trying to download a JAR file
* PR1473 - javaws should not depend on name of local file
* PR854: Resizing an applet several times causes 100% CPU load
* CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet
* reproducers tests are enabled in dist-tarball
* application context support for  OpenJDK build 25 and higher
* small patches into rhino support and
* PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties
* add icedtea-web man page
* make check enabled again
* should be build for non-standart archs
* removed unused multilib arches
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 17 2013 Jiri Vanek <jvanek at redhat.com> 1.4.1-0
- updated to 1.4.1
- add icedtea-web man page
- removed upstreamed  patch1 b25-appContextFix.patch
- removed upstreamed  patch2 rhino-pac-permissions.patch
- make check enabled again
- should be build for non-standart archs !-)
- removed unused multilib arches (yupii!)
* Tue Jul 23 2013 Omair Majid <jvanek at redhat.com> 1.4.0-3
- Added upstream fix for RH982558
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1007960 - CVE-2013-4349 icedtea-web: CVE-2012-4540 issue not fixed in 1.4
        https://bugzilla.redhat.com/show_bug.cgi?id=1007960
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update icedtea-web' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list