File icedtea-web.changes of Package icedtea-web.23597
-------------------------------------------------------------------
Fri Jul 26 05:41:29 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Update to 1.7.2
* added support for javafx-desc and so allow run of pure-javafx
only applications
* --nosecurity enhanced for possibility to skip invalid
signatures
* enhanced to allow resources to be read also from j2se/java
element (OmegaT)
* PR3644 - java.lang.NoClassDefFoundError: Could not initialize class
net.sourceforge.jnlp.runtime.JNLPRuntime$DeploymentConfigurationHolder
* deployment.config now support generic url instead just file
* Added support for windows desktop shortcuts via
https://github.com/DmitriiShamrikov/mslinks
* cache can now be operated by groups, list by -Xcacheids
(details via -verbose, can filter by regex), Xclearcache now can
clear only selected id. There is also gui to operate cache via
id in itweb-settings now.
* desktop shortcut name get shortened to title or file if title
is missing.
* scripted launchers rework: Windows bat launchers rewritten to
be feature complete, Linux shell launchers made portable, build
enhanced to produce platform independent image
- Removed patch:
* icedtea-web-jdk10.patch
+ integrated upstream
- Added patches:
* CVE-2019-10181.patch
+ Upstream patch to fix bsc#1142835, CVE-2019-10181:
icedtea-web: unsigned code injection in a signed JAR file
* CVE-2019-10182_1.patch
* CVE-2019-10182_2.patch
+ Upstream patches to fix bsc#1142825, CVE-2019-10182:
icedtea-web: path traversal while processing <jar/> elements
of JNLP files results in arbitrary file overwrite
* CVE-2019-10185.patch
+ Upstream patch to fix bsc#1142832, CVE-2019-10185:
icedtea-web: directory traversal in the nested jar
auto-extraction leading to arbitrary file overwrite
-------------------------------------------------------------------
Tue Feb 5 12:00:41 UTC 2019 - Fridrich Strba <fstrba@suse.com>
- Make the plugin opt-in for all distributions and architectures
-------------------------------------------------------------------
Wed Sep 26 05:49:20 UTC 2018 - Fridrich Strba <fstrba@suse.com>
- BuildConflict with java >= 11, since it cannot build icedtea-web
due to removed classes.
-------------------------------------------------------------------
Wed Jun 13 16:02:16 UTC 2018 - fstrba@suse.com
- Remove dependency on objectweb-asm, since the build does not need
it
-------------------------------------------------------------------
Tue May 15 19:04:29 UTC 2018 - bjorn.lie@gmail.com
- Drop java Supplements: We no longer want to install this browser
plugin for all users that have java installed by default. It is
no longer supported by the majority of browsers in use, including
Mozilla Firefox.
-------------------------------------------------------------------
Wed Feb 21 09:02:25 UTC 2018 - fstrba@suse.com
- Disable the native plugin for SLE from version 15 (fate#323976)
-------------------------------------------------------------------
Fri Dec 15 15:08:21 UTC 2017 - fstrba@suse.com
- Update to 1.7.1
* better work with authors file
* better work with jdk9
* Added possibility to turn off https preference via deployment
properties
- Removed patches:
* icedtea-web-exports.patch
* icedtea-web-javadoc9.patch
* icedtea-web-x509factory.patch
+ Integrated upstream
-------------------------------------------------------------------
Thu Nov 23 11:22:54 UTC 2017 - fstrba@suse.com
- Modified patch:
* icedtea-web-jdk10.patch
+ more future-proof determination of java version
-------------------------------------------------------------------
Wed Nov 15 08:47:55 UTC 2017 - fstrba@suse.com
- Bumped by mistake build requirement, bump it back.
Build with java-devel >= 1.8
-------------------------------------------------------------------
Tue Nov 14 09:32:33 UTC 2017 - fstrba@suse.com
- Added patch:
* icedtea-web-jdk10.patch
+ Allow build/run with jdk10
-------------------------------------------------------------------
Tue Sep 26 10:41:09 UTC 2017 - fstrba@suse.com
- Modified patch:
* icedtea-web-exports.patch
+ Fix typo in patch
-------------------------------------------------------------------
Tue Sep 5 17:50:30 UTC 2017 - fstrba@suse.com
- Added patch:
* icedtea-web-javadoc9.patch
- Allow building of icedtea-web-javadoc with jdk9
-------------------------------------------------------------------
Tue Sep 5 08:26:46 UTC 2017 - fstrba@suse.com
- Added patch:
* icedtea-web-x509factory.patch
- Allow building of icedtea-web (with some limitations) using
jdk9
-------------------------------------------------------------------
Tue Sep 5 07:45:36 UTC 2017 - fstrba@suse.com
- Added patch:
* icedtea-web-exports.patch
- Fixing "java.lang.IllegalAccessError: class
netscape.javascript.JSObject (in module jdk.jsobject) cannot
access class sun.applet.PluginDebug (in module java.desktop)
because module java.desktop does not export sun.applet to
module jdk.jsobject" with
https://www.java.com/en/download/installed8.jsp?detect=jre
-------------------------------------------------------------------
Fri Jul 28 05:52:00 UTC 2017 - fstrba@suse.com
- Update to 1.7
* PR3366 - bash completion file was split to three, and is
setup-able by bashcompdir environment variable
* added experimental support for windows
* added experimental support for java 9 (linux only)
* added experimental support for jnlp protocol (see
https://bugs.openjdk.java.net/browse/JDK-8055464)
* restricted to JDK8 and higher
* all connection restrictions now consider also port
* Enabled Entry-Point attribute check
* permissions sandbox and signed app and unsigned app with
permissions all-permissions now run in sandbox instead of not
at all.
* fixed DownloadService
* PR2779: html-gen.sh: Don't try to call hg if .hg directory
isn't present
* PR2591 - IcedTea-Web request resources twice for meta
informations and causes ClientAbortException on tomcat in
conjunction with JnlpDownloadServlet
* PR2690 - Can't run BOM into JNLP file
* PR2669 - remove bash-specific syntax from top level Makefile.am
* PR2489 - various NPEs when codebase is null
* PR2855 - configure.ac: Remove unnecessary checks for libX11 and
zlib
* PR878 - (http-511) Handle HTTP error 511 Network Authentication
Required (standard secure proxy authentification/captive portal
detection)
* PR1190 - unuseable javaws cache handling
* PR3227 - can not save file with query longer then (together
with name) then 255 chars
* comments in deployment.properties now should persists load/save
* fixed bug in caching of files with query
* fixed issues with recreating of existing shortcut
* trustAll/trustNone now processed correctly
* headless no longer shows dialogues
* RH1231441 Unable to read the text of the buttons of the
security dialogue
* Fixed RH1233697 icedtea-web: applet origin spoofing
* Fixed RH1233667 icedtea-web: unexpected permanent authorization
of unsigned applets
* FIXED PR3263 - Cannot retrieve JavaScript Engine using
ScriptEngineManager.getEngineByName
* fixed fatal impact of initialization error of FileLog
* MissingALACAdialog made available also for unsigned applications
(but ignoring actual manifest value) and fixed
* more dialogs got remember me possibility
- MissingALACAttributePanel
- AccessWarning
- MissingPermissionsAttributePanel
- MatchingALACAttributePanel
- UnsignedAppletTrustWarningPanel
- PartiallySignedAppTrustWarningPanel
* Itw-settings
- All rememberable dialogues can have saved value modified
* NetX
- fixed issues with -html shortcuts
- fixed issue with -html receiving garbage in width and height
- main-class attribute trimmed by default
- in strict mode, main-class attribute checked for invalid
characters
- added -browser switch as workaround around most uttermost
http authentications cornercases
* PolicyEditor
- Entry list is sorted, entries will appear with consistent
ordering
- file flag made to work when used standalone
- file flag cannot be used in combination with main argument
- defaultfile flag added
- support for SignedBy and Principals along with existing
Codebase
* Plugin
- RH1273691 - Escaped equals signs in deployment.properties not
un-escaped when used
- PR2746 - IcedTea-Web Plugin 1.6.1:
net.sourceforge.jnlp.LaunchException
- PR2714 - IcedTea-Web plugin sends uninitialized memory
garbage across a pipe when NPN_GetValueForURL call fails
- PR3198 - Error in webmin
- PR2968 - IcedTea-Web crashes on Dell EqualLogic SAN
-------------------------------------------------------------------
Thu Jun 29 07:33:20 UTC 2017 - fstrba@suse.com
- Handle the plugin with alternatives
- Register icedtea-web's javaws as default handler for jnlp and
jnlps protocols
-------------------------------------------------------------------
Fri Jun 23 07:38:11 UTC 2017 - fstrba@suse.com
- Remove the java-*-openjdk-plugin.spec files
- Build only one version of plugin and javaws, that works with the
default java alternative
- Name the package back icedtea-web
- Depend on tagsoup to handle the majority badly formed html out
there
-------------------------------------------------------------------
Tue Feb 21 07:06:18 UTC 2017 - fstrba@suse.com
- Removed patch:
* icedtea-web-1.6.1-fix-2746.patch
+ Part of 1.6.2
-------------------------------------------------------------------
Thu Jul 21 05:59:53 UTC 2016 - fstrba@suse.com
- Bump build java-devel version requirements to 1.7 or bigger
* The build system requires it
-------------------------------------------------------------------
Fri Jul 8 13:51:02 UTC 2016 - pjanouch@suse.de
- Fix bsc#982622 net.sourceforge.jnlp.LaunchException
with icedtea-web-1.6.1-fix-2746.patch taken from 1.6.2
-------------------------------------------------------------------
Wed Mar 16 17:29:49 UTC 2016 - bwiedemann@suse.com
- Fix build-compare by not including rebuild-counter
-------------------------------------------------------------------
Wed Feb 3 16:21:34 UTC 2016 - fstrba@suse.com
- Update to 1.6.2
* all connection restrictions now consider also port
* PR2779: html-gen.sh: Don't try to call hg if .hg directory
isn't present
* PR2591 - IcedTea-Web request resources twice for meta
informations and causes ClientAbortException on tomcat in
conjunction with JnlpDownloadServlet
* PR2690 - Can't run BOM into JNLP file
* PR2669 - remove bash-specific syntax from top level
Makefile.am
* PR2489 - various NPEs when codebase is null
* NetX
+ main-class attribute trimmed by default
+ in strict mode, main-class attribute checked for invalid
characters
* Plugin
+ RH1273691 - Escaped equals signs in deployment.properties not
un-escaped when used
+ PR2746 - IcedTea-Web Plugin 1.6.1:
net.sourceforge.jnlp.LaunchException
+ PR2714 - IcedTea-Web plugin sends uninitialized memory
garbage across a pipe when NPN_GetValueForURL call fails
- Removed patches:
* icedtea-web-1.6.1-doInit.patch
* icedtea-web-1.6.1-HexDumpEncoder.patch
+ integrated upstream
-------------------------------------------------------------------
Mon Jan 18 08:12:44 UTC 2016 - fstrba@suse.com
- Let java-VERSION-openjdk-plugin supplement java-VERSION-openjdk
only and not the generic java-openjdk (bsc#929464)
-------------------------------------------------------------------
Wed Jan 13 08:26:03 UTC 2016 - fstrba@suse.com
- Added patch:
* icedtea-web-1.6.1-HexDumpEncoder.patch
- Adapt to the move of HexDumpEncoder from sun.misc to
sun.security.utils from jdk-9+99.
-------------------------------------------------------------------
Tue Nov 3 14:24:52 UTC 2015 - fstrba@suse.com
- Added patch:
* icedtea-web-1.6.1-doInit.patch
- Adapt to the removal of support for serialized applets from
jdk9's java.desktop
-------------------------------------------------------------------
Mon Sep 14 07:21:36 UTC 2015 - fstrba@suse.com
- Update to 1.6.1
* Enabled Entry-Point attribute check
* permissions sandbox and signed app and unsigned app with
permissions all-permissions now run in sandbox instead of not
at all.
* fixed DownloadService
* comments in deployment.properties now should persists load/save
* fixed bug in caching of files with query
* fixed issues with recreating of existing shortcut
* trustAll/trustNone now processed correctly
* headless no longer shows dialogues
* RH1231441 Unable to read the text of the buttons of the security
dialogue
* Fixed RH1233697 icedtea-web: applet origin spoofing
(CVE-2015-5235, bsc#944208)
* Fixed RH1233667 icedtea-web: unexpected permanent authorization
of unsigned applets (CVE-2015-5234, bsc#944209)
* MissingALACAdialog made available also for unsigned applications
(but ignoring actual manifest value) and fixed
* NetX
- fixed issues with -html shortcuts
- fixed issue with -html receiving garbage in width and height
* PolicyEditor
- file flag made to work when used standalone
- file flag and main argument cannot be used in combination
- Removed patch:
* icedtea-web-1.6-tail.patch
- Upstreamed
-------------------------------------------------------------------
Wed Jul 22 10:30:55 UTC 2015 - fstrba@suse.com
- Added patch:
* icedtea-web-1.6-tail.patch
- Fix generation of man-pages with some versions of "tail"
-------------------------------------------------------------------
Mon Jul 20 13:46:47 UTC 2015 - fstrba@suse.com
- Update to 1.6
* Massively improved offline abilities. Added Xoffline switch to
force work without inet connection.
* Improved to be able to run with any JDK
* JDK 6 and older no longer supported
* JDK 8 support added (URLPermission granted if applicable)
* JDK 9 supported
* Added support for Entry-Point manifest attribute
* Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property
to control scan of Manifest file
* starting arguments now accept also -- abbreviations
* Added new documentation
* Added support for menu shortcuts - both javaws
applications/applets and html applets are supported
* added support for -html switch for javaws. Now you can run most
of the applets without browser at all
* Control Panel
- PR1856: ControlPanel UI improvement for lower resolutions
(800*600)
* NetX
- PR1858: Java Console accepts multi-byte encodings
- PR1859: Java Console UI improvement for lower resolutions
(800*600)
- RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception
java.lang.ClassCastException in method
sun.applet.PluginAppletViewer$8.run()
- Dropped support for long unmaintained -basedir argument
- Returned support for -jnlp argument
- RH1095311, PR574 - References class sun.misc.Ref removed in
OpenJDK 9 - fixed, and so buildable on JDK9
* Plugin
- PR1743 - Intermittant deadlock in PluginRequestProcessor
- PR1298 - LiveConnect - problem setting array elements (applet
variables) from JS
- RH1121549: coverity defects
- Resolves method overloading correctly with superclass
heirarchy distance
* PolicyEditor
- codebases can be renamed in-place, copied, and pasted
- codebase URLs can be copied to system clipboard
- displays a progress dialog while opening or saving files
- codebases without permissions assigned save to file anyway
(and re-appear on next open)
- PR1776: NullPointer on save-and-exit
- PR1850: duplicate codebases when launching from security dialogs
- Fixed bug where clicking "Cancel" on the "Save before Exiting"
dialog could result in the editor exiting without saving
changes
- Keyboard accelerators and mnemonics greatly improved
- "File - New" allows editing a new policy without first
selecting the file to save to
* Common
- PR1769: support signed applets which specify Sandbox
permissions in their manifests
* Temporary Permissions in security dialog now multi-selectable
and based on PolicyEditor permissions
-------------------------------------------------------------------
Wed Nov 26 17:40:23 UTC 2014 - fstrba@suse.com
- Update to 1.5.2 (fate#318956)
* NetX
- RH1095311, PR574 - References class sun.misc.Ref removed in
OpenJDK 9 - fixed, and so buildable on JDK9
- RH1154177 - decoded file needed from cache
- fixed NPE in https dialog
- empty codebase behaves as "."
- Remove patch: icedtea-web-1.5.1-java9.patch
* Upstreamed in this version
-------------------------------------------------------------------
Thu Oct 16 12:25:28 UTC 2014 - gber@opensuse.org
- Modify icedtea-web-suse-desktop-files.patch to use use
X-GNOME-DesktopSettings as well
-------------------------------------------------------------------
Thu Oct 16 11:50:43 UTC 2014 - fstrba@suse.com
- Conditional dependencies on libX11 and/or xorg-x11-devel
* make possible to build for SLE11
-------------------------------------------------------------------
Mon Oct 13 09:53:44 UTC 2014 - gber@opensuse.org
- Modify icedtea-web-suse-desktop-files.patch to use the Settings
instead of the System category, policyeditor.desktop and
itweb.desktop are tools for mamanging per-user preferences and
not system applications
-------------------------------------------------------------------
Thu Oct 9 18:54:04 UTC 2014 - badshah400@gmail.com
- Modify icedtea-web-suse-desktop-files.patch to add
X-GNOME-Sundry to list of categories for policyeditor.desktop
and itweb.desktop, so that both items are included in the
Sundry app-folder in GNOME.
-------------------------------------------------------------------
Fri Oct 3 07:25:10 UTC 2014 - fstrba@suse.com
- Add patch: icedtea-web-1.5.1-java9.patch
* Allow building against java9
-------------------------------------------------------------------
Tue Sep 23 09:13:27 UTC 2014 - fstrba@suse.com
- Modified patch:
* icedtea-web-suse-desktop-files.patch
- Change categories for the desktop files to keep SLE and
openSUSE in sync
-------------------------------------------------------------------
Mon Sep 22 12:39:43 UTC 2014 - fstrba@suse.com
- Update to 1.5.1
* Massively improved offline abilities.
* Improved to be able to run with any JDK
* JDK 8 support added (URLPermission granted if applicable)
* Added DE and PL localizations
* Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property
to control scan of Manifest file
* Control Panel
- PR1856: ControlPanel UI improvement for lower resolutions (800*600)
* NetX
- PR1858: Java Console accepts multi-byte encodings
- PR1859: Java Console UI improvement for lower resolutions (800*600)
- RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception
java.lang.ClassCastException in method
sun.applet.PluginAppletViewer$8.run()
* Plugin
- PR1743 - Intermittant deadlock in PluginRequestProcessor
- RH1121549: coverity defects
* PolicyEditor
- codebases without permissions assigned save to file anyway (and
re-appear on next open)
- PR1776: NullPointer on save-and-exit
- Custom permissions are properly formatted
- Remove upstreamed patch:
* icedtea-web-1.5-no-return-in-nonvoid-function.patch
-------------------------------------------------------------------
Thu Aug 21 10:49:39 UTC 2014 - fstrba@suse.com
- Touch link targets in order to silence test of broken symlinks
-------------------------------------------------------------------
Thu Aug 7 15:39:01 UTC 2014 - fcrozat@suse.com
- Update icedtea-web-suse-desktop-files.patch: Add
X-GNOME-SystemSettings category.
-------------------------------------------------------------------
Mon Jul 28 07:05:32 UTC 2014 - tchvatal@suse.com
- Update alternatives code to match docu.
-------------------------------------------------------------------
Tue Jul 22 15:20:38 UTC 2014 - fstrba@suse.com
- Modified patch:
* icedtea-web-suse-desktop-files.patch
- Change categories for itweb-settings.desktop
-------------------------------------------------------------------
Wed Jul 16 16:20:22 UTC 2014 - fstrba@suse.com
- Update to 1.5
* Remove build dependency on xulrunner
- Deleted atches:
* icedtea-web-1.0.2-no-return-in-nonvoid-function.patch,
icedtea-web-1.1-moonlight-symbol-chash.patch: not needed in
icedtea-web 1.5
- Added patch:
* icedtea-web-1.5-no-return-in-nonvoid-function.patch: fix bugs
uncovered by post-build tests
- Split package into three:
* java-1_7_0-openjdk-plugin: builds a plugin for java-1_7_0-openjdk
* java-1_8_0-openjdk-plugin: builds a plugin for java-1_8_0-openjdk
* icedtea-web: builds common javadoc documentation for both
packages.
- The used plugin is determined by alternatives
-------------------------------------------------------------------
Fri Sep 20 13:22:25 UTC 2013 - mvyskocil@suse.com
- update to 1.4.1 (bnc#840572)
* Improved and cleaned Temporary internet files panel
* NetX
- PR1465 - java.io.FileNotFoundException while trying to download a JAR file
- PR1473 - javaws should not depend on name of local file
* Plugin
- PR854: Resizing an applet several times causes 100% CPU load
* Security Updates
- CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet
CVE-2012-4540 nit fixed in icedtea-web 1.4
* Misc
- reproducers tests are enabled in dist-tarball
- application context support for OpenJDK build 25 and higher
- small patches into rhino support and
- PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties
- need jpackage-utils on older distros
- run more tests in %check
- drop icedtea-web-AppContext.patch, already upstream
-------------------------------------------------------------------
Fri Sep 13 08:51:19 UTC 2013 - mvyskocil@suse.com
- add javapackages-tools to build requires
-------------------------------------------------------------------
Thu Jun 20 08:34:55 UTC 2013 - mvyskocil@suse.com
- fix bnc#825880: icedtea-web broken by last openjdk security update
icedtea-web-AppContext.patch
-------------------------------------------------------------------
Tue May 7 14:18:32 UTC 2013 - mvyskocil@suse.com
- update to 1.4 (bnc#818768)
* Added cs, de, pl localization
* Splash screen for javaws and plugin
* Better error reporting for plugin via Error-splash-screen
* All IcedTea-Web dialogues are centered to middle of active screen
* Download indicator made compact for more then one jar
* User can select its own JVM via itw-settings and deploy.properties.
* Added extended applets security settings and dialogue
* Security updates
- CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path.
- CVE-2013-1927, RH884705: fixed gifar vulnerabilit
- CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
- CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
* NetX
- PR1027: DownloadService is not supported by IcedTea-Web
- PR725: JNLP applications will prompt for creating desktop shortcuts every time they are run
- PR1292: Javaws does not resolve versioned jar names with periods correctly
* Plugin
- PR1106: Buffer overflow in plugin table-
- PR1166: Embedded JNLP File is not supported in applet tag
- PR1217: Add command line arguments for plugins
- PR1189: Icedtea-plugin requires code attribute when using jnlp_href
- PR1198: JSObject is not passed to javascript correctly
- PR1260: IcedTea-Web should not rely on GTK
- PR1157: Applets can hang browser after fatal exception
- PR580: http://www.horaoficial.cl/ loads improperly
* Common
- PR1049: Extension jnlp's signed jar with the content of only META-INF/* is considered
- PR955: regression: SweetHome3D fails to run
- PR1145: IcedTea-Web can cause ClassCircularityError
- PR1161: X509VariableTrustManager does not work correctly with OpenJDK7
- PR822: Applets fail to load if jars have different signers
- PR1186: System.getProperty("deployment.user.security.trusted.cacerts") is null
- PR909: The Java applet at http://de.gosupermodel.com/games/wardrobegame.jsp fails
- PR1299: WebStart doesn't read socket proxy settings from firefox correctly
-------------------------------------------------------------------
Wed Apr 17 14:11:32 UTC 2013 - mvyskocil@suse.com
- update to 1.3.2 (bnc#815596)
- Security Updates
* CVE-2013-1927, RH884705: fixed gifar vulnerability
* CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path.
- Common
* Added new option in itw-settings which allows users to set JVM arguments
when plugin is initialized.
- NetX
* PR580: http://www.horaoficial.cl/ loads improperly
- Plugin
* PR1260: IcedTea-Web should not rely on GTK
obsoletes icedtea-web-remove-gtk-dep.patch
* PR1157: Applets can hang browser after fatal exception
-------------------------------------------------------------------
Sat Jan 19 22:55:39 UTC 2013 - zaitor@opensuse.org
- Add icedtea-web-remove-gtk-dep.patch, build icedtea-web without
GTK. Plugin now works in both gtk2 and gtk3 based browsers.
-------------------------------------------------------------------
Wed Jan 16 15:03:43 UTC 2013 - mvyskocil@suse.com
- limit the provides/obsoletes to architectures, where -plugin package
existed and don't pollute shiny new arm with an old garbage
-------------------------------------------------------------------
Tue Jan 15 21:17:00 UTC 2013 - dmueller@suse.com
- handle the package renaming on arm properly
-------------------------------------------------------------------
Wed Nov 7 08:44:05 UTC 2012 - mvyskocil@suse.com
- update to 1.3.1 (bnc#787846)
- Security Updates
* CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet
- Common
- PR1161: X509VariableTrustManager does not work correctly with OpenJDK7
fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775)
-------------------------------------------------------------------
Mon Sep 10 08:29:27 UTC 2012 - mvyskocil@suse.cz
- update to 1.3 (bnc#779001)
- New features:
* Web Start launch errors are now printed to give proper indication as to the
cause
* Significant performance improvement when loading applets that refer to
missing classes
* Support for latest versions of Chromium
* Security warning dialog improvements to better clarify security request
* Support build with GTK2 and GTK3
* Cookie write support (i.e set cookies in browser via Java/Applet)
- Common:
* Applet window icon improved
- Plug-in:
* PR975: Ignore classpaths specified in jar manifests when using jnlp_href
* PR1011: Treat folders as such when specified in archive tags
* PR855: AppletStub getDocumentBase() now returns full URL
* PR722: Unsigned META-INF entries are ignored
* PR861: Jars can now load from non codebase hosts
* PR1106: Icedtea 1.2.1 crashes Firefox 14
- Web Start:
* PR898: Large signed JNLP files now supported
* PR811: URLs with spaces now handled correctly
- drop already upstreamed icetea-web-1.2.1-old-xulrunner-typo.patch
-------------------------------------------------------------------
Wed Aug 8 12:55:43 UTC 2012 - mvyskocil@suse.cz
- fix PR1106: Icedtea 1.2.1 crashes Firefox 14
* http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=1106
-------------------------------------------------------------------
Thu Aug 2 08:35:25 UTC 2012 - mvyskocil@suse.cz
- update to 1.2.1 (bnc#773458)
- Security Updates
* CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
* CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
- NetX
* PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen")
* PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly
* 816592: icedtea-web not loading GeoGebra java applets in Firefox or Chrome
- Plugin
* PR863: Error passing strings to applet methods in Chromium
* PR895: IcedTea-Web searches for missing classes on each loadClass or findClass
* PR518: NPString.utf8characters not guaranteed to be nul-terminated
- Common
* RH838417: Disambiguate signed applet security prompt from certificate warning
* RH838559: Disambiguate signed applet security prompt from certificate warning
-------------------------------------------------------------------
Mon Jun 25 14:01:12 UTC 2012 - mvyskocil@suse.cz
- require java-1_7_0-openjdk for build and installation
-------------------------------------------------------------------
Tue Mar 6 12:55:36 UTC 2012 - mvyskocil@suse.cz
- update to 1.2
- New features:
* Signed JNLP support
* Support for client authentication certificates
* Cache size enforcement now supported via itweb-settings
* Applet parameter passing through JNLP files now supported
* Better icons for access warning dialog
* Security Dialog UI revamped to make it look less threatening when appropriate
- Fixes (plugin, webstart, common)
* PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error
* PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application
* PR788: Elluminate Live! is not working
* PR804: javaws launcher incorrectly handles file names with spaces
* PR820, bnc#746895: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp
* PR838: IcedTea plugin crashes with chrome browser when javascript is executed
* PR852: Classloader not being flushed after last applet from a site is closed
* RH586194: Unable to connect to connect with Juniper VPN client
* PR771: IcedTea-Web certificate verification code does not use the right API
* PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted.
* PR789: typo in jrunscript.sh
* PR808: javaws is unable to start, when missing jars are enumerated before main jar
* RH738814: Access denied at ssl handshake
* Support for authenticating using client certificates
- fix bnc#737105/FATE#313084: add Supplements: packageand(broswer(npapi):java-openjdk)
ensures the web plugin is pulled in when openjdk and capable browser is installed
-------------------------------------------------------------------
Mon Mar 5 13:24:29 UTC 2012 - mvyskocil@suse.cz
- enable make check in respective section
-------------------------------------------------------------------
Mon Nov 14 10:19:16 UTC 2011 - mvyskocil@suse.cz
- update to 1.1.4 (fixes bnc#729870)
- RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and
suffix domain SOP bypass
- PR778: Jar download and server certificate verification deadlock
-------------------------------------------------------------------
Mon Oct 24 09:14:10 UTC 2011 - mvyskocil@suse.cz
- update to 1.1.3:
- PR782: Support building against npapi-sdk as well
* drop the added patch
- PR794: IcedTea-Web does not work if a Web Start app jar has a
Class-Path element in the manifest
- icedtea-web-npapi-sdk-r5.patch for build with npapi-sdk we have
in openSUSE
-------------------------------------------------------------------
Mon Oct 10 11:19:41 UTC 2011 - gber@opensuse.org
- fix icedtea-web-suse-desktop-files.patch, itweb-settings is a
desktop setting and should not show up twice in two unrelated
top-level menus; also add a trailing semicolon
-------------------------------------------------------------------
Thu Sep 15 08:33:59 UTC 2011 - mvyskocil@suse.cz
- Build with a npapi-sdk and xulrunner-devel from openSUSE 12.1
-------------------------------------------------------------------
Tue Sep 6 06:50:15 UTC 2011 - cfarrell@suse.com
- license update: GPL-2.0-with-classpath-exception
SPDX syntax. See http://spdx.org/licenses
-------------------------------------------------------------------
Fri Sep 2 09:36:00 UTC 2011 - mvyskocil@suse.cz
- update to 1.1.2
* PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow
* RH718693: MindTerm SSH Applet doesn’t work
* PR768: Signed applets/Web Start apps don’t work with OpenJDK7 and up
* PR769: IcedTea-Web does not work with some ssl sites with OpenJDK7
* RH734081: Javaws cannot use proxy settings from Firefox
* New (--with-jre-home=) option to allow use with only JRE installed
- use a common jre location libdir/jvm/jre instead of openjdk6
- obsoleted CVE patches
-------------------------------------------------------------------
Wed Jul 20 13:18:38 UTC 2011 - mvyskocil@suse.cz
- fix bnc#704309 - VUL-0: icedtea/icedtea-web two issues
* CVE-2011-2513
* CVE-2011-2514
- use --with-java instead of patching of launchers as
suggested by upstream
-------------------------------------------------------------------
Fri Jul 8 08:03:40 UTC 2011 - mvyskocil@suse.cz
- fix bnc#704419 - Use correct path in IcedteaPlugin.so
* allow plugin usage without -devel package installed
* fix lanchers location from JAVA to JRE
* icedtea-1.1-use-jre-in-launchers.patch
-------------------------------------------------------------------
Thu Jun 30 11:37:13 UTC 2011 - mvyskocil@suse.cz
- fic bnx#702825 - IcedTeaPlugin.so gives undefined symbol
* fix the icedtea-web-1.1-moonlight-symbol-clash.patch
-------------------------------------------------------------------
Fri Jun 10 08:44:13 UTC 2011 - mvyskocil@suse.cz
- Update to 1.1 - triggered by icedtea-1.10.2 security update (bnc#698739)
- New features:
* IcedTea-Web now installs to a FHS-compliant location
* Binary launchers have been replaced with simple shell scripts
* Proxy Auto Config files are now usable
* Applications using jnlp.versionEnabled and jnlp.packEnabled are now supported
* Can now use codebase_lookup=false with applets
* itweb-settings now supports clearing cache
- Common fixes
* Apps calling loadClass get a proper a ClassNotFoundException if class is
not found, rather than a null value
* Applets and JNLP apps using SSL/TLS now function correctly
- Web Start implementation (javaws) fixes:
* The Web Start implementation can now use proxy settings from Firefox
* Web Start applications now use the correct default browser set by the user
* Closing javaws -about no longer throws exceptions
* Cache files are removed properly
- Plug-in fixes:
* Applets from the same page to use the same classloader (MS LiveMeeting,
www.uk.map24.com, etc.)
* NetDania banking application now works (bnc#608132)
* Sound now works with runescape.com (bnc#542457)
* Firefox 4 no longer freezes if the applet calls showDocument()
* Firefox 4 and chromium stability has been vastly improved with a rewrite of
the plug-in threading model
-------------------------------------------------------------------
Tue Apr 12 12:12:11 UTC 2011 - mvyskocil@suse.cz
- Initial SUSE packaging of 1.0.2
* just follow upstream's split of web tools to icedtea-web
