IcedTea-Web 1.1.6 and 1.2.1 [security releases] released!

IcedTea-Web 1.1.6 and 1.2.1 have now been released. In addition to bug fixes, they include 2 security fixes and it is therefore recommended that everyone upgrade to this release. The security issues fixed are:

RH840592, CVE-2012-3422: Use of uninitialized instance pointers
RH841345, CVE-2012-3423: Incorrect handling of non 0-terminated strings

Other fixes are listed in the NEWS files:
1.1.6 NEWS file
1.2.1 NEWS file

The following people helped with these releases:
Danesh Dadachanji
Adam Domurad
Omair Majid
Saad Mohammad
Jiri Vanek

2e330475fdcd1a83b3f411a1aa475d8d45c585842444d20bb9160bed689dc1f1 icedtea-web-1.1.6.tar.gz
134efcd429086a643ba03ec6e4da991527c3e5dfcd6ed6680a83824ad3f0cfd6 icedtea-web-1.2.1.tar.gz

Download links:

After extracting, it can be built as per instructions here:


About dbhole

I have been a member of the Java Group at Red Hat since mid-2008. I started off as an engineer and in late 2012, I switched to the dark side, a.k.a management :) I now manage all the members in the Java Group and some members from the QE team dedicated to JDK/component related QE.
This entry was posted in IcedTea. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s