File _patchinfo of Package patchinfo.2581
<patchinfo> <issue id="864364" tracker="bnc">VUL-0: icedtea-web 1.4.2 released</issue> <issue id="CVE-2013-6493" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>mvyskocil</packager> <description> icedtea-web was updated to version 1.4.2 (bnc#864364), fixing various bugs and a security issues: * Dialogs center on screen before becoming visible * Support for u45 new manifest attributes (Application-Name) * Custom applet permission policies panel in itweb-settings control panel * Plugin - PR1271: icedtea-web does not handle 'javascript:'-protocol URLs - RH976833: Multiple applets on one page cause deadlock - Enabled javaconsole * Security Updates - CVE-2013-6493/RH1010958: insecure temporary file use flaw in LiveConnect implementation * Except above also: - Christmas splashscreen extension - fixed classloading deadlocks - cleaned code from warnings - pipes moved to XDG runtime dir * Patches changes: * rebased icedtea-web-1.1-moonlight-symbol-clash.patch * add icedtea-web-1.4.2-mkdir.patch * add icedtea-web-1.4.2-softkiller-link.patch * build with rhino support * use fdupes * run make run-netx-dist-tests in %check on openSUSE > 13.1 </description> <summary>icedtea-web: 1.4.2 bugfix update</summary> </patchinfo>
