* SECURITY UPDATE: uninitialized pointer use flaw
- debian/patches/icedtea-web-CVE-2012-3422.patch: check for empty
instance_to_id_map hash and return error if so.
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/patches/icedtea-web-CVE-2012-3423.patch: ensure NPVariant
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/patches/fix-plugin-error-on-chromium.patch: fix plugin
table initialization to check only that the subset of hooks that
it uses exists. (LP: #1025553)
-- Steve Beattie <email address hidden> Fri, 03 Aug 2012 21:10:50 -0700
This bug was fixed in the package icedtea-web - 1.2-2ubuntu3
---------------
icedtea-web (1.2-2ubuntu3) quantal; urgency=low
* SECURITY UPDATE: uninitialized pointer use flaw patches/ icedtea- web-CVE- 2012-3422. patch: check for empty to_id_map hash and return error if so. patches/ icedtea- web-CVE- 2012-3423. patch: ensure NPVariant patches/ fix-plugin- error-on- chromium. patch: fix plugin
- debian/
instance_
- CVE-2012-3422
* SECURITY UPDATE: incorrect handling of non NULL terminated strings
- debian/
NPStrings are NULL terminated.
- CVE-2012-3423
* debian/
table initialization to check only that the subset of hooks that
it uses exists. (LP: #1025553)
-- Steve Beattie <email address hidden> Fri, 03 Aug 2012 21:10:50 -0700