Overview

File _patchinfo of Package patchinfo.1094

<patchinfo incident="1094">
  <packager>mvyskocil</packager>
  <issue tracker="bnc" id="787846">VUL-0: icedtea-web: CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to apple</issue>
  <issue tracker="cve" id="CVE-2012-4540"></issue>
  <issue tracker="bnc" id="784859">icedtea-web: Multiple exceptions when running unsigned JNLP</issue>
  <issue tracker="bnc" id="785333">javaws (OpenJDK) cannot start Cisco JNLP file with self signed certificate</issue>
  <issue tracker="bnc" id="786775">icedtea-web fail to download JARs on https locations</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>icedtea-web: update to 1.3.1 (bnc#787846)</summary>
  <description>The IcedTea Web Java plugin was updated to 1.3.1 (bnc#787846)
- Security Updates
  * CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet
- Common Bugfixes
  - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7
    fixes the self-signed issue (mentioned in bnc#784859, bnc#785333, bnc#786775)</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places