-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: icedtea-web Binary: icedtea-netx, icedtea-plugin, icedtea6-plugin, icedtea-netx-common, icedtea-6-plugin, icedtea-7-plugin Architecture: amd64 armel armhf hurd-i386 i386 ia64 kfreebsd-amd64 kfreebsd-i386 powerpc s390 s390x sparc all Version: 1.4-3~deb7u2 Maintainer: OpenJDK Team <[email protected]> Uploaders: Matthias Klose <[email protected]>, Damien Raude-Morvan <[email protected]> Homepage: http://icedtea.classpath.org/wiki/IcedTea-Web Standards-Version: 3.9.3 Vcs-Browser: https://code.launchpad.net/~openjdk/openjdk/icedtea-web Vcs-Bzr: http://bazaar.launchpad.net/~openjdk/openjdk/icedtea-web Build-Depends: debhelper (>= 5), xulrunner-dev (>= 1.9.1.3-3) [!alpha !sparc64], openjdk-7-jdk, zip, lsb-release, libgtk2.0-dev, pkg-config, default-jre-headless Package-List: icedtea-6-plugin deb web extra icedtea-7-plugin deb web extra icedtea-netx deb java extra icedtea-netx-common deb java extra icedtea-plugin deb web extra icedtea6-plugin deb web extra Checksums-Sha1: c8256174c7a7b55de2025073344494fb1b6377da 1364883 icedtea-web_1.4.orig.tar.gz 4e90bcce332fb0b68f4aeae21b0d269a2b16254e 32301 icedtea-web_1.4-3~deb7u2.debian.tar.gz Checksums-Sha256: e53a41fa132e086fa8d17cadf1e7e38cb3ab99577277949fbcae4ab8705245fb 1364883 icedtea-web_1.4.orig.tar.gz 607cf1bafcb46df5b457ea535dea89a423b5d37933e0d57db4e6f23f569990af 32301 icedtea-web_1.4-3~deb7u2.debian.tar.gz Files: 97c1d5f02f9a4ab19812a216f39e401a 1364883 icedtea-web_1.4.orig.tar.gz aa710e5a7ec033365e6db1a06fee7874 32301 icedtea-web_1.4-3~deb7u2.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBCgAGBQJSTDnEAAoJEHidbwV/2GP+u4YP/2KfQ4N0lDDJaZCMmHkve5d8 nSj/k0E57zdKRf/pBse955cKid/yB5VOqGk2rHgYU0Gm3Y8CxfaXVvmX6dsFWgf5 OgckUBrLq1XrLggDxAPQ79WY+Y+RTqPqanGKplG7qGF/WKj+uq7CDb3DobFZXIVw uFziHwU3/J1ChPWZZsSumFfD2R7RFMeJHRCNTgPuTf9kW8MFcm1utI/hCFd7cTbn tPeWa5XJsHKffo4oKfViTMqW74nGkbowcKfKHo5DEPfRCWXJZ0FZuHl9hehMLJBb 4Yw/e/RrljL64w2g5L7+gw8FPguqvGFFGwsbcdUdjtV1EPlp/fT0HVVarFvT+khO Wa3gWVYkkbxm/8DC6UXqcviWggL8skN2GuNjdvkKxkvJvnCi8LlFqKNZi1GataAG HEr7Po7w3CB9gik+HYnL1gzsRclvGcWI3v/WGThQWxrmDGsGOkvMod5v2EkbmTYv KuAg1vw+HKIYpBKpzP4qtRGh4r2/5o8mAXtslQFHhPV9+pNLfD/9NEjTHm5fbHmv L3flc14C9Or4ozKOy6hItCY9eHI7yB1ZQNxGa3Tj7iPA+rMEA0/l+RicowxPv7C2 Qo9Tw2u6eyWWM370p6DbhWtdjQTnFiqgJTaYsdqqcSD4SJFbf78O/pigDdUfTk0D /yD+1T5at45TuIDrjSxL =GKSU -----END PGP SIGNATURE----- Changes: icedtea-web (1.4-3~deb7u2) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. * Add CVE-2013-4349.diff patch. CVE-2013-4349: Fix IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow after triggering event attached to applets. (Closes: #723118) -- Salvatore Bonaccorso <[email protected]> Wed, 02 Oct 2013 17:11:22 +0200
