Overview

File _patchinfo of Package patchinfo.2027

<patchinfo>
  <issue id="840572" tracker="bnc">VUL-0: CVE-2013-4349: icedtea-web 1.4.1 released</issue>
  <issue id="CVE-2013-4349" tracker="cve" />
  <issue id="CVE-2012-4540" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>mvyskocil</packager>
  <description>This icedtea-web update fixes several security issues.

Changes in icedtea-web:
- update to 1.4.1 (bnc#840572)
* Improved and cleaned Temporary internet files panel
* NetX
  - PR1465 - java.io.FileNotFoundException while trying to download a JAR file
  - PR1473 - javaws should not depend on name of local file
* Plugin
  - PR854: Resizing an applet several times causes 100% CPU load
* Security Updates
  - CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet
    CVE-2012-4540 nit fixed in icedtea-web 1.4
* Misc 
  - reproducers tests are enabled in dist-tarball
  - application context support for  OpenJDK build 25 and higher
  - small patches into rhino support and
  - PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties
- need jpackage-utils on older distros
- run more tests in %check
- drop icedtea-web-AppContext.patch, already upstream

- add javapackages-tools to build requires
</description>
  <summary>update for icedtea-web</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places