IcedTea-Web 1.0.1 released!

IcedTea-Web 1.0.1 has been released. This is a security fix only release and addresses a couple of security issues.

What’s new in 1.0.1:

  • S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
  • RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation

The following people helped with this release:
Omair Majid (code), Andrew John Hughes (guidance on how to release)

Checksum:
cfcb17e94d6cd406e7aceb08de2ae7c03fe3f2a730829cc5ac54ca6a90a9d46e icedtea-web-1.0.1.tar.gz

Download link:
http://icedtea.classpath.org/download/source/icedtea-web-1.0.1.tar.gz

After extracting (tar xzf icedtea-web-1.0.1.tar.gz),  it can be built as per instructions here:
http://icedtea.classpath.org/wiki/IcedTea-Web#Building_IcedTea-Web

 
A security update is also available for IcedTea6 now.

About these ads

About dbhole

I have been a member of the Java Group at Red Hat since mid-2008. I started off as an engineer and in late 2012, I switched to the dark side, a.k.a management :) I now manage all the members in the Java Group and some members from the QE team dedicated to JDK/component related QE.
This entry was posted in IcedTea. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s