Bug#686934: unblock: icedtea-web/1.3-2
Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock
Severity: normal
reasons for the unblock
- security fixes
- hardened build
- RC bug fix #681269
complete changelog:
icedtea-web (1.3-2) unstable; urgency=high
* Configure with --disable-docs (the developer docs aren't shipped
anyway). Works around the build failure on s390.
-- Matthias Klose <doko@ubuntu.com> Thu, 06 Sep 2012 23:03:51 +0200
icedtea-web (1.3-1) unstable; urgency=high
* IcedTea-Web 1.3 release.
* Security updates:
- CVE-2012-3422: Potential read from an uninitialized memory location.
- CVE-2012-3423: Incorrect handling of not 0-terminated strings.
* NetX fixes:
- PR898: signed applications with big jnlp-file doesn't start (webstart
affect like "frozen").
- PR811: javaws is not handling urls with spaces (and other characters
needing encoding) correctly.
* Plugin fixes:
- PR820: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp.
- PR863: Error passing strings to applet methods in Chromium.
- PR895: IcedTea-Web searches for missing classes on each loadClass or
findClass.
- PR861: Allow loading from non codebase hosts. Allow code to connect
to hosting server.
- PR518: NPString.utf8characters not guaranteed to be nul-terminated.
- PR722: META-INF/ unsigned entries should be ignored in signing.
- PR855: AppletStub getDocumentBase() doesn't return full URL.
- PR1011: Folders treated as jar files in archive tag.
- PR1106: Buffer overflow in plugin table.
- PR975: Plugin should not include classpaths specified in jar manifests
when using jnlp_href.
- PR588: Cookies not written from cookie jar to browser cookies.
* Common fixes:
- PR918: java applet windows uses a low resulution black/white icon.
- Disambiguate signed applet security prompt from certificate warning.
- PR955: regression: SweetHome3D fails to run.
* For Ubuntu quantal, set priorities for alternatives higher than for
OpenJDK 6.
* Call update-alternatives when the existing priority for the alternative
is lower than the current one.
* icedtea-netx: Don't set the alternatives to a OpenJDK which is not
installed. Closes: #681269.
* Allow building the plugin for OpenJDK 6 using OpenJDK 7.
* Build with hardening defaults.
Reply to: