Ubuntu 1907-2: IcedTea Web update

    Date16 Jul 2013
    CategoryUbuntu
    62
    Posted ByLinuxSecurity Advisories
    IcedTea Web updated to work with new OpenJDK 7.
    
    ==========================================================================
    Ubuntu Security Notice USN-1907-2
    July 16, 2013
    
    icedtea-web update
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 13.04
    - Ubuntu 12.10
    - Ubuntu 12.04 LTS
    
    Summary:
    
    IcedTea Web updated to work with new OpenJDK 7.
    
    Software Description:
    - icedtea-web: A web browser plugin to execute Java applets
    
    Details:
    
    USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes,
    IcedTea Web needed an update to work with the new OpenJDK 7.
    
    Original advisory details:
    
     Several vulnerabilities were discovered in the OpenJDK JRE related to
     information disclosure and data integrity. An attacker could exploit these
     to expose sensitive data over the network. (CVE-2013-1500, CVE-2013-2454,
     CVE-2013-2458)
    
     A vulnerability was discovered in the OpenJDK Javadoc related to data
     integrity. (CVE-2013-1571)
    
     A vulnerability was discovered in the OpenJDK JRE related to information
     disclosure and availability. An attacker could exploit this to cause a
     denial of service or expose sensitive data over the network.
     (CVE-2013-2407)
    
     Several vulnerabilities were discovered in the OpenJDK JRE related to
     information disclosure. An attacker could exploit these to expose sensitive
     data over the network. (CVE-2013-2412, CVE-2013-2443, CVE-2013-2446,
     CVE-2013-2447, CVE-2013-2449, CVE-2013-2452, CVE-2013-2456)
    
     Several vulnerabilities were discovered in the OpenJDK JRE related to
     availability. An attacker could exploit these to cause a denial of service.
     (CVE-2013-2444, CVE-2013-2445, CVE-2013-2450)
    
     Several vulnerabilities were discovered in the OpenJDK JRE related to
     information disclosure, data integrity and availability. An attacker could
     exploit these to cause a denial of service or expose sensitive data over
     the network. (CVE-2013-2448, CVE-2013-2451, CVE-2013-2459, CVE-2013-2460,
     CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470,
     CVE-2013-2471, CVE-2013-2472, CVE-2013-2473)
    
     Several vulnerabilities were discovered in the OpenJDK JRE related to data
     integrity. (CVE-2013-2453, CVE-2013-2455, CVE-2013-2457)
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 13.04:
      icedtea-netx                    1.3.2-1ubuntu1.1
    
    Ubuntu 12.10:
      icedtea-netx                    1.3.2-1ubuntu0.12.10.2
    
    Ubuntu 12.04 LTS:
      icedtea-netx                    1.2.3-0ubuntu0.12.04.3
    
    After a standard system update you need to restart your browser to make
    all the necessary changes.
    
    References:
      http://www.ubuntu.com/usn/usn-1907-2
      http://www.ubuntu.com/usn/usn-1907-1
      https://launchpad.net/bugs/1201908
    
    Package Information:
      https://launchpad.net/ubuntu/+source/icedtea-web/1.3.2-1ubuntu1.1
      https://launchpad.net/ubuntu/+source/icedtea-web/1.3.2-1ubuntu0.12.10.2
      https://launchpad.net/ubuntu/+source/icedtea-web/1.2.3-0ubuntu0.12.04.3
    
    
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":55.56,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.11,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.