IcedTea-Web 1.1.6 and 1.2.1 [security releases] released!

IcedTea-Web 1.1.6 and 1.2.1 have now been released. In addition to bug fixes, they include 2 security fixes and it is therefore recommended that everyone upgrade to this release. The security issues fixed are:

RH840592, CVE-2012-3422: Use of uninitialized instance pointers
RH841345, CVE-2012-3423: Incorrect handling of non 0-terminated strings

Other fixes are listed in the NEWS files:
1.1.6 NEWS file
1.2.1 NEWS file

The following people helped with these releases:
Danesh Dadachanji
Adam Domurad
Omair Majid
Saad Mohammad
Jiri Vanek

Checksums:
2e330475fdcd1a83b3f411a1aa475d8d45c585842444d20bb9160bed689dc1f1 icedtea-web-1.1.6.tar.gz
134efcd429086a643ba03ec6e4da991527c3e5dfcd6ed6680a83824ad3f0cfd6 icedtea-web-1.2.1.tar.gz

Download links:
http://icedtea.classpath.org/download/source/icedtea-web-1.1.6.tar.gz
http://icedtea.classpath.org/download/source/icedtea-web-1.2.1.tar.gz

After extracting, it can be built as per instructions here:
http://icedtea.classpath.org/wiki/IcedTea-Web#Building_IcedTea-Web

About these ads

About dbhole

I am currently a Principal Software Engineer working at Red Hat Canada Ltd. While this blog may contain lots of development related information, all thoughts are my own and in no way reflect the opinion of Red Hat.

View all posts by dbhole →

This entry was posted in IcedTea. Bookmark the permalink.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s