IcedTea6 1.11.4 and 1.10.9 have been released, fixing two security issues. Updated packages have been uploaded for Mageia 1 and Mageia 2. Advisory: ======================== Updated java-1.6.0-openjdk packages fix security vulnerabilities: IcedTea6 has been updated to versions 1.10.9 and 1.11.4, which fix an XMLDecoder security issue via ClassFinder (CVE-2012-1682) and an issue with AWT internals references (CVE-2012-0547), along with other bugs. References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0547 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1682 http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9-1-11-4-icedtea-2-3-2-released/ http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html ======================== Updated packages in core/updates_testing: ======================== java-1.6.0-openjdk-1.6.0.0-29.b22.1.mga1 java-1.6.0-openjdk-devel-1.6.0.0-29.b22.1.mga1 java-1.6.0-openjdk-demo-1.6.0.0-29.b22.1.mga1 java-1.6.0-openjdk-src-1.6.0.0-29.b22.1.mga1 java-1.6.0-openjdk-javadoc-1.6.0.0-29.b22.1.mga1 java-1.6.0-openjdk-1.6.0.0-34.b24.1.mga2 java-1.6.0-openjdk-devel-1.6.0.0-34.b24.1.mga2 java-1.6.0-openjdk-demo-1.6.0.0-34.b24.1.mga2 java-1.6.0-openjdk-src-1.6.0.0-34.b24.1.mga2 java-1.6.0-openjdk-javadoc-1.6.0.0-34.b24.1.mga2 from SRPMS: java-1.6.0-openjdk-1.6.0.0-29.b22.1.mga1.src.rpm java-1.6.0-openjdk-1.6.0.0-34.b24.1.mga2.src.rpm
Whiteboard: (none) => MGA1TOO
Tested MGA2, 32-bits. Works here with icedtea with both Firefox, Google Chrome (Complains about newer version ?) and Opera.
CC: (none) => tolhildan_123
Testing Mga2 64 Thanks Tolhidan, adding whiteboard keyword No PoC's for these so just testing java 1.6 with icedtea-web in various browsers.
Whiteboard: MGA1TOO => MGA1TOO mga2-32-OK
Testing complete x86_64 mga2 http://www.java.com/en/download/testjava.jsp
Hardware: i586 => AllWhiteboard: MGA1TOO mga2-32-OK => MGA1TOO mga2-32-OK mga2-64-OK
Testing complete mga1 i586
Whiteboard: MGA1TOO mga2-32-OK mga2-64-OK => MGA1TOO mga2-32-OK mga2-64-OK mga1-32-OK
Testing complete mga1 x86_64 Validating See comment 0 for advisory and srpms Could sysadmin please push from core/updates_testing to core/updates Thanks!
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: MGA1TOO mga2-32-OK mga2-64-OK mga1-32-OK => MGA1TOO mga2-32-OK mga2-64-OK mga1-32-OK mga1-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0252
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED