IcedTea-Web 1.0.6 and 1.1.4 (security releases) released

Posted on November 8, 2011 by

IcedTea-Web 1.0.6 and 1.1.4 have been released. These are security fix only
releases and address a security issue classified as having moderate impact.

What’s new in 1.0.6 and 1.1.4:

  • RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass

The following people helped with this release:
Omair Majid

Checksums:
44a770da85fd2e342ab09e065798a07d04601ea51879df4a5e88f804e4f02eba icedtea-web-1.0.6.tar.gz
b17a742af0153b7887cf667a160f8519afad125bc515b0f4783c66e7ee1a7f26 icedtea-web-1.1.4.tar.gz

Download links:
http://icedtea.classpath.org/download/source/icedtea-web-1.0.6.tar.gz
http://icedtea.classpath.org/download/source/icedtea-web-1.1.4.tar.gz

After extracting, it can be built as per instructions here:
http://icedtea.classpath.org/wiki/IcedTea-Web#Building_IcedTea-Web

About these ads

About dbhole

I am currently a Principal Software Engineer working at Red Hat Canada Ltd. While this blog may contain lots of development related information, all thoughts are my own and in no way reflect the opinion of Red Hat.
This entry was posted in IcedTea. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s