[SECURITY] Fedora 18 Update: icedtea-web-1.3.1-1.fc18

updates at fedoraproject.org updates at fedoraproject.org
Sat Nov 10 05:12:51 UTC 2012


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-17827
2012-11-09 03:11:02
--------------------------------------------------------------------------------

Name        : icedtea-web
Product     : Fedora 18
Version     : 1.3.1
Release     : 1.fc18
URL         : http://icedtea.classpath.org/wiki/IcedTea-Web
Summary     : Java browser plug-in and Web Start implementation
Description :
The IcedTea-Web project provides a Java web browser plugin, an implementation
of Java Web Start (originally based on the Netx project) and a settings tool to
manage deployment settings for the aforementioned plugin and Web Start
implementations.

--------------------------------------------------------------------------------
Update Information:

This updates a recently found heap buffer overflow issue in IcedTea web. It fixes:

CVE-2012-4540 icedtea-web: IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update icedtea-web' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list