Revisions of icedtea-web
Stefan Lijewski (lijews)
accepted
request 200361
from
Stefan Lijewski (lijews)
(revision 11)
- update to 1.4.1 (bnc#840572) * Improved and cleaned Temporary internet files panel * NetX - PR1465 - java.io.FileNotFoundException while trying to download a JAR file - PR1473 - javaws should not depend on name of local file * Plugin - PR854: Resizing an applet several times causes 100% CPU load * Security Updates - CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet CVE-2012-4540 nit fixed in icedtea-web 1.4 * Misc - reproducers tests are enabled in dist-tarball - application context support for OpenJDK build 25 and higher - small patches into rhino support and - PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties - need jpackage-utils on older distros - run more tests in %check - drop icedtea-web-AppContext.patch, already upstream
Stefan Lijewski (lijews)
accepted
request 176108
from
Stefan Lijewski (lijews)
(revision 10)
- update to 1.4 (bnc#818768) * Added cs, de, pl localization * Splash screen for javaws and plugin * Better error reporting for plugin via Error-splash-screen * All IcedTea-Web dialogues are centered to middle of active screen * Download indicator made compact for more then one jar * User can select its own JVM via itw-settings and deploy.properties. * Added extended applets security settings and dialogue * Security updates - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - CVE-2013-1927, RH884705: fixed gifar vulnerabilit - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings * NetX - PR1027: DownloadService is not supported by IcedTea-Web - PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run - PR1292: Javaws does not resolve versioned jar names with periods correctly * Plugin - PR1106: Buffer overflow in plugin table- - PR1166: Embedded JNLP File is not supported in applet tag - PR1217: Add command line arguments for plugins - PR1189: Icedtea-plugin requires code attribute when using jnlp_href - PR1198: JSObject is not passed to javascript correctly - PR1260: IcedTea-Web should not rely on GTK - PR1157: Applets can hang browser after fatal exception - PR580: http://www.horaoficial.cl/ loads improperly * Common - PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered - PR955: regression: SweetHome3D fails to run - PR1145: IcedTea-Web can cause ClassCircularityError
Stefan Lijewski (lijews)
accepted
request 173083
from
Stefan Lijewski (lijews)
(revision 9)
- update to 1.3.2 (bnc#815596) - Security Updates * CVE-2013-1927, RH884705: fixed gifar vulnerability * CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common * Added new option in itw-settings which allows users to set JVM arguments when plugin is initialized. - NetX * PR580: http://www.horaoficial.cl/ loads improperly - Plugin * PR1260: IcedTea-Web should not rely on GTK obsoletes icedtea-web-remove-gtk-dep.patch * PR1157: Applets can hang browser after fatal exception
Stefan Lijewski (lijews)
accepted
request 142728
from
Stefan Lijewski (lijews)
(revision 8)
- update to 1.3.1 (bnc#787846) - Security Updates * CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet - Common - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775)
Stefan Lijewski (lijews)
accepted
request 135154
from
Stefan Lijewski (lijews)
(revision 7)
- update to 1.3 (bnc#779001) - New features: * Web Start launch errors are now printed to give proper indication as to the cause * Significant performance improvement when loading applets that refer to missing classes * Support for latest versions of Chromium * Security warning dialog improvements to better clarify security request * Support build with GTK2 and GTK3 * Cookie write support (i.e set cookies in browser via Java/Applet) - Common: * Applet window icon improved - Plug-in: * PR975: Ignore classpaths specified in jar manifests when using jnlp_href * PR1011: Treat folders as such when specified in archive tags * PR855: AppletStub getDocumentBase() now returns full URL * PR722: Unsigned META-INF entries are ignored * PR861: Jars can now load from non codebase hosts * PR1106: Icedtea 1.2.1 crashes Firefox 14 - Web Start: * PR898: Large signed JNLP files now supported * PR811: URLs with spaces now handled correctly
Stefan Lijewski (lijews)
accepted
request 132152
from
Stefan Lijewski (lijews)
(revision 6)
- fix PR1106: Icedtea 1.2.1 crashes Firefox 14 * http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1106 - update to 1.2.1 (bnc#773458) - Security Updates * CVE-2012-3422, RH840592: Potential read from an uninitialized memory location * CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings - NetX * PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen") * PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly * 816592: icedtea-web not loading GeoGebra java applets in Firefox or Chrome - Plugin * PR863: Error passing strings to applet methods in Chromium * PR895: IcedTea-Web searches for missing classes on each loadClass or findClass * PR518: NPString.utf8characters not guaranteed to be nul-terminated - Common * RH838417: Disambiguate signed applet security prompt from certificate warning * RH838559: Disambiguate signed applet security prompt from certificate warning
Stefan Lijewski (lijews)
accepted
request 108291
from
Michal Vyskocil (mvyskocil)
(revision 5)
- update to 1.2 - New features: * Signed JNLP support * Support for client authentication certificates * Cache size enforcement now supported via itweb-settings * Applet parameter passing through JNLP files now supported * Better icons for access warning dialog * Security Dialog UI revamped to make it look less threatening when appropriate - Fixes (plugin, webstart, common) * PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error * PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application * PR788: Elluminate Live! is not working * PR804: javaws launcher incorrectly handles file names with spaces * PR820, bnc#746895: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp * PR838: IcedTea plugin crashes with chrome browser when javascript is executed * PR852: Classloader not being flushed after last applet from a site is closed * RH586194: Unable to connect to connect with Juniper VPN client * PR771: IcedTea-Web certificate verification code does not use the right API * PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted. * PR789: typo in jrunscript.sh * PR808: javaws is unable to start, when missing jars are enumerated before main jar * RH738814: Access denied at ssl handshake * Support for authenticating using client certificates - fix bnc#737105/FATE#313084: add Supplements: packageand(broswer(npapi):java-openjdk) ensures the web plugin is pulled in when openjdk and capable browser is installed - enable make check in respective section
Stefan Lijewski (lijews)
accepted
request 91355
from
Michal Vyskocil (mvyskocil)
(revision 4)
- update to 1.1.4 (fixes bnc#729870) - RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass - PR778: Jar download and server certificate verification deadlock
Stefan Lijewski (lijews)
accepted
request 76593
from
Michal Vyskocil (mvyskocil)
(revision 3)
- fix bnc#704309 - VUL-0: icedtea/icedtea-web two issues * CVE-2011-2513 * CVE-2011-2514 - use --with-java instead of patching of launchers as suggested by upstream - fix bnc#704419 - Use correct path in IcedteaPlugin.so * allow plugin usage without -devel package installed * fix lanchers location from JAVA to JRE * icedtea-1.1-use-jre-in-launchers.patch
Stefan Lijewski (lijews)
accepted
request 74894
from
Michal Vyskocil (mvyskocil)
(revision 2)
fix bnx#702825 - IcedTeaPlugin.so gives undefined symbol
Stefan Lijewski (lijews)
accepted
request 74635
from
Michal Vyskocil (mvyskocil)
(revision 1)
fix bnc#698739: icedtea6-1.10.2 released - the 1.10x don't have the plugin inside
Displaying all 11 revisions