File _patchinfo of Package patchinfo.190

<patchinfo incident="icedtea-web">
  <packager>lijews</packager>
  <issue tracker="cve" id="CVE-2012-4540"></issue>
  <issue tracker="cve" id="CVE-2013-4349"></issue>
  <issue tracker="bnc" id="840572">VUL-0: CVE-2013-4349: icedtea-web 1.4.1 released</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>update for icedtea-web</summary>
  <description>This icedtea-web update fixes several security issues.

Changes in icedtea-web:
- update to 1.4.1 (bnc#840572)
* Improved and cleaned Temporary internet files panel
* NetX
  - PR1465 - java.io.FileNotFoundException while trying to download a JAR file
  - PR1473 - javaws should not depend on name of local file
* Plugin
  - PR854: Resizing an applet several times causes 100% CPU load
* Security Updates
  - CVE-2013-4349, RH869040: Heap-based buffer overflow after triggering event attached to applet
    CVE-2012-4540 nit fixed in icedtea-web 1.4
* Misc 
  - reproducers tests are enabled in dist-tarball
  - application context support for  OpenJDK build 25 and higher
  - small patches into rhino support and
  - PR1533: Inherit jnlp.packEnabled and jnlp.versionEnabled like other properties
- need jpackage-utils on older distros
</description>
</patchinfo>
openSUSE Build Service is sponsored by