openSUSE Security Update : icedtea-web (openSUSE-SU-2012:0981-1)
High Nessus Plugin ID 74711
SynopsisThe remote openSUSE host is missing a security update.
Description- update to 1.2.1 (bnc#773458)
- Security Updates
- CVE-2012-3422, RH840592: Potential read from an uninitialized memory location
- CVE-2012-3423, RH841345: Incorrect handling of not 0-terminated strings
- PR898: signed applications with big jnlp-file doesn't start (webstart affect like 'frozen')
- PR811: javaws is not handling urls with spaces (and other characters needing encoding) correctly
- 816592: icedtea-web not loading GeoGebra java applets in Firefox or Chrome
- PR863: Error passing strings to applet methods in Chromium
- PR895: IcedTea-Web searches for missing classes on each loadClass or findClass
- PR518: NPString.utf8characters not guaranteed to be nul-terminated
- RH838417: Disambiguate signed applet security prompt from certificate warning
- RH838559: Disambiguate signed applet security prompt from certificate warning
SolutionUpdate the affected icedtea-web packages.