Changeset 418 for trunk/icedtea-web/NEWS
- Timestamp:
- Feb 11, 2013, 8:53:47 PM (13 years ago)
- Location:
- trunk/icedtea-web
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/icedtea-web
-
Property svn:mergeinfo
set to
/branches/vendor/sourceforge/icedtea-web/1.3 merged eligible /branches/vendor/sourceforge/icedtea-web/current merged eligible
-
Property svn:mergeinfo
set to
-
trunk/icedtea-web/NEWS
r348 r418 9 9 CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY 10 10 11 New in release 1.1.2 (2011-08-31): 11 New in release 1.3 (2012-09-04): 12 * Security updates 13 - CVE-2012-3422, RH840592: Potential read from an uninitialized memory location 14 - CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings 15 * NetX 16 - PR898: signed applications with big jnlp-file doesn't start (webstart affect like "frozen") 17 - PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly 18 * Plugin 19 - PR820: IcedTea-Web 1.1.3 crashing Firefox when loading Citrix XenApp 20 - PR863: Error passing strings to applet methods in Chromium 21 - PR895: IcedTea-Web searches for missing classes on each loadClass or findClass 22 - PR861: Allow loading from non codebase hosts. Allow code to connect to hosting server 23 - PR518: NPString.utf8characters not guaranteed to be nul-terminated 24 - PR722: META-INF/ unsigned entries should be ignored in signing 25 - PR855: AppletStub getDocumentBase() doesn't return full URL 26 - PR1011: Folders treated as jar files in archive tag 27 - PR1106: Buffer overflow in plugin table 28 - PR975: Plugin should not include classpaths specified in jar manifests when using jnlp_href 29 - PR588: Cookies not written from cookie jar to browser cookies 30 * Common 31 - PR918: java applet windows uses a low resulution black/white icon 32 - RH838417: Disambiguate signed applet security prompt from certificate warning 33 - RH838559: Disambiguate signed applet security prompt from certificate warning 34 - RH720836: project can be compiled against GTK+ 2 or 3 librarie 35 - PR955: regression: SweetHome3D fails to run 36 37 New in release 1.2 (2011-XX-XX): 38 * Security updates: 39 - RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications 40 - RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation 41 - RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass 42 * NetX 43 - PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error 44 - PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application 45 - PR788: Elluminate Live! is not working 46 - PR804: javaws launcher incorrectly handles file names with spaces 12 47 * Plugin 13 48 - PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow 49 - PR782: Support building against npapi-sdk as well 50 - PR838: IcedTea plugin crashes with chrome browser when javascript is executed 51 - PR852: Classloader not being flushed after last applet from a site is closed 52 - RH586194: Unable to connect to connect with Juniper VPN client 14 53 - RH718693: MindTerm SSH Applet doesn't work 15 54 Common 16 55 - PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up 56 - PR771: IcedTea-Web certificate verification code does not use the right API 57 - PR742: IcedTea-Web checks certs only upto 1 level deep before declaring them untrusted. 17 58 - PR769: IcedTea-Web does not work with some ssl sites with OpenJDK7 59 - PR778: Jar download and server certificate verification deadlock 60 - PR789: typo in jrunscript.sh 61 - PR794: IcedTea-Web does not work if a Web Start app jar has a Class-Path element in the manifest 62 - PR808: javaws is unable to start, when missing jars are enumerated before main jar 18 63 - RH734081: Javaws cannot use proxy settings from Firefox 64 - RH738814: Access denied at ssl handshake 65 - Support for authenticating using client certificates 19 66 20 New in release 1.1.1 (2011-07-20): 21 * Security updates: 22 - RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications 23 - RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation 24 25 New in release 1.1 (2011-06-08): 67 New in release 1.1 (2011-XX-XX): 68 * Security updates 69 - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries 70 - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation 26 71 * New Features 27 72 - IcedTea-Web now installs to a FHS-compliant location … … 38 83 - The user's default browser (determined from xdg-open or $BROWSER) is used 39 84 - RH669942: javaws fails to download version/packed files (missing support for jnlp.packEnabled and jnlp.versionEnabled) 85 - PR464: plugin can now load parameters from jnlp files. 40 86 - PR658: now jnlp.packEnabled works with applets. 41 87 - PR726: closing javaws -about no longer throws exceptions.
Note:
See TracChangeset
for help on using the changeset viewer.