Date: Wed, 7 Nov 2012 19:46:27 +0100 From: Tomas Hoger <thoger@...hat.com> To: oss-security@...ts.openwall.com Subject: IcedTea-Web CVE-2012-4540 Hi! IcedTea-Web versions 1.1.7, 1.2.2 and 1.3.1 that were just released fix a buffer overflow IcedTeaScriptableJavaObject::invoke. The issue got CVE-2012-4540 assigned. http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-November/020775.html http://icedtea.classpath.org/hg/release/icedtea-web-1.3/rev/e7970f3da5fe -- Tomas Hoger / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ