Context Navigation

NEWS@ 419

Last change on this file since 419 was 418, checked in by dmik, 13 years ago
Merge icedtea-web v1.3 to trunk.
File size: 6.7 KB

Rev	Line
[348]	1	Key:
	2
	3	SX - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=X
	4	PRX - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=X
	5	RHX - https://bugzilla.redhat.com/show_bug.cgi?id=X
	6	DX - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=X
	7	GX - http://bugs.gentoo.org/show_bug.cgi?id=X
	8
	9	CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY
	10
[418]	11	New in release 1.3 (2012-09-04):
	12	* Security updates
	13	- CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
	14	- CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
	15	* NetX
	16	- PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen")
	17	- PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly
[348]	18	* Plugin
[418]	19	- PR820: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp
	20	- PR863: Error passing strings to applet methods in Chromium
	21	- PR895: IcedTea-Web searches for missing classes on each loadClass or findClass
	22	- PR861: Allow loading from non codebase hosts. Allow code to connect to hosting server
	23	- PR518: NPString.utf8characters not guaranteed to be nul-terminated
	24	- PR722: META-INF/ unsigned entries should be ignored in signing
	25	- PR855: AppletStub getDocumentBase() doesn't return full URL
	26	- PR1011: Folders treated as jar files in archive tag
	27	- PR1106: Buffer overflow in plugin table
	28	- PR975: Plugin should not include classpaths specified in jar manifests when using jnlp_href
	29	- PR588: Cookies not written from cookie jar to browser cookies
	30	* Common
	31	- PR918: java applet windows uses a low resulution black/white icon
	32	- RH838417: Disambiguate signed applet security prompt from certificate warning
	33	- RH838559: Disambiguate signed applet security prompt from certificate warning
	34	- RH720836: project can be compiled against GTK+ 2 or 3 librarie
	35	- PR955: regression: SweetHome3D fails to run
	36
	37	New in release 1.2 (2011-XX-XX):
	38	* Security updates:
	39	- RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications
	40	- RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation
	41	- RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass
	42	* NetX
	43	- PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error
	44	- PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application
	45	- PR788: Elluminate Live! is not working
	46	- PR804: javaws launcher incorrectly handles file names with spaces
	47	* Plugin
[348]	48	- PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow
[418]	49	- PR782: Support building against npapi-sdk as well
	50	- PR838: IcedTea plugin crashes with chrome browser when javascript is executed
	51	- PR852: Classloader not being flushed after last applet from a site is closed
	52	- RH586194: Unable to connect to connect with Juniper VPN client
[348]	53	- RH718693: MindTerm SSH Applet doesn't work
	54	Common
	55	- PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up
[418]	56	- PR771: IcedTea-Web certificate verification code does not use the right API
	57	- PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted.
[348]	58	- PR769: IcedTea-Web does not work with some ssl sites with OpenJDK7
[418]	59	- PR778: Jar download and server certificate verification deadlock
	60	- PR789: typo in jrunscript.sh
	61	- PR794: IcedTea-Web does not work if a Web Start app jar has a Class-Path element in the manifest
	62	- PR808: javaws is unable to start, when missing jars are enumerated before main jar
[348]	63	- RH734081: Javaws cannot use proxy settings from Firefox
[418]	64	- RH738814: Access denied at ssl handshake
	65	- Support for authenticating using client certificates
[348]	66
[418]	67	New in release 1.1 (2011-XX-XX):
	68	* Security updates
	69	- S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
	70	- RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
[348]	71	* New Features
	72	- IcedTea-Web now installs to a FHS-compliant location
	73	- IcedTea-Web can now handle Proxy Auto Config files
	74	- Binary launchers replaced with simple shell scripts
	75	- Can now use codebase_lookup=false with applets.
	76	* Common Fixes and Improvements
	77	- PR497: Mercurial revision detection not very reliable
	78	- PR638: JNLPClassLoader.loadClass(String name) can return null
	79	- RH677772: NoSuchAlgorithmException using SSL/TLS in javaws
	80	- PR724: Possible NullPointerException in JNLPClassLoader.getClassPathsFromManifest
	81	* NetX
	82	- Use Firefox's proxy settings if possible
	83	- The user's default browser (determined from xdg-open or $BROWSER) is used
	84	- RH669942: javaws fails to download version/packed files (missing support for jnlp.packEnabled and jnlp.versionEnabled)
[418]	85	- PR464: plugin can now load parameters from jnlp files.
[348]	86	- PR658: now jnlp.packEnabled works with applets.
	87	- PR726: closing javaws -about no longer throws exceptions.
	88	- PR727: cache now properly removes files.
	89	* Plugin
	90	- PR475, RH604061: Allow applets from the same page to use the same classloader
	91	- PR612: NetDania application ends on java.security.AccessControlException: access denied (java.util.PropertyPermission browser read)
	92	- PR664: Sound doesn't play on runescape.com.
	93	- PR721: IcedTeaPlugin.so cannot run g_main_context_iteration on a different thread unless a different GMainContext *context is used
	94	- PR735: Firefox 4 sometimes freezes if the applet calls showDocument()
	95
	96	New in release 1.0 (2010-XX-XX):
	97
	98	* Initial release of IcedTea-Web
	99	* Security updates
	100	- RH645843, CVE-2010-3860: IcedTea System property information leak via public static
	101	- RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass
	102	* Plugin
	103	- PR542: Plugin fails with NPE on http://www.openprocessing.org/visuals/iframe.php?visualID=2615
	104	- PR552: Support for FreeBSD's pthread implementation
	105	- PR554: System.err writes content two times
	106	- PR556: Applet initialization code is prone to race conditions
	107	- PR557: Applet opens in a separate window if tab is closed when the applet loads
	108	- PR565: UIDefaults.getUI fails with jgoodies:looks 2.3.1
	109	- PR593: Increment of invalidated iterator in IcedTeaPluginUtils (patch from barbara.xxx1975@libero.it)
	110	- PR597: Entities are parsed incorrectly in PARAM tag in applet plugin
	111	- PR619: Improper finalization by the plugin can crash the browser
	112	- Applets are now double-buffered to eliminate flicker in ones that do heavy drawing
	113	- RH665104: OpenJDK Firefox Java plugin loses a cookie
	114	* NetX
	115	- Add a new option -Xclearcache
	116	- Interfaces javax.jnlp.IntegrationService and javax.jnlp.DownloadService2 are now available
	117	- PR592: NetX can create invalid desktop entry files
	118	- RH663680, CVE-2010-4351: IcedTea JNLP SecurityManager bypass
	119	* Control Panel
	120	- Modifications to deployments.properties file can now be done through a GUI

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format