IcedTea-Web 1.0.1 has been released. This is a security fix only release and addresses a couple of security issues.
What’s new in 1.0.1:
- S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
- RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
The following people helped with this release:
Omair Majid (code), Andrew John Hughes (guidance on how to release)
After extracting (tar xzf icedtea-web-1.0.1.tar.gz), it can be built as per instructions here:
A security update is also available for IcedTea6 now.