Mercurial > hg > release > icedtea-web-1.0
view NEWS @ 131:7ee2e487f4e2
PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up
author | Deepak Bhole <dbhole@redhat.com> |
---|---|
date | Wed, 03 Aug 2011 14:11:11 -0400 |
parents | a20bd5a4d035 |
children | c93e44ff65f8 |
line wrap: on
line source
Key: SX - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=X PRX - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=X RHX - https://bugzilla.redhat.com/show_bug.cgi?id=X DX - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=X GX - http://bugs.gentoo.org/show_bug.cgi?id=X CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY New in release 1.0.5 (2011-XX-XX): * Plugin - PR749: sun.applet.PluginStreamHandler#handleMessage(String) really slow Common - PR768: Signed applets/Web Start apps don't work with OpenJDK7 and up New in release 1.0.4 (2011-07-20): * Security updates: - RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications - RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation New in release 1.0.3 (2011-06-13): * Plugin - PR721: IcedTeaPlugin.so cannot run g_main_context_iteration on a different thread unless a different GMainContext *context is used - PR735: Firefox 4 sometimes freezes if the applet calls showDocument() - RH691259: Midori sends a SIGSEGV with the IcedTea NP Plugin New in release 1.0.2 (2011-04-04): * Common Fixes and Improvements - PR638: JNLPClassLoader.loadClass(String name) can return null - RH677772: NoSuchAlgorithmException using SSL/TLS in javaws * Plugin - PR612: NetDania application ends on java.security.AccessControlException: access denied (java.util.PropertyPermission browser read) - Replace binary PDF documentation with editable HTML version. New in release 1.0.1 (2011-02-15): * Security updates - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation New in release 1.0 (2011-02-02): * Initial release of IcedTea-Web * Security updates - RH645843, CVE-2010-3860: IcedTea System property information leak via public static - RH663680, CVE-2010-4351: IcedTea JNLP SecurityManager bypass - RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass * New Features - IcedTea-Web now uses a deployment.properties file to specify configuration - System-level as well as user-level deployment.properties files with locked configuration are supported - Preview of a Control Panel that allows configuring IcedTea-Web using a GUI - Static proxies are now supported using the deployment.properties file - User prompts can now be configured using the deployment.properties - Applications and applets can now have a Look and Feel different from rest of IcedTea-Web * Common improvements and fixes - Clean up native directories on exit - Cached files with special characters in filenames are now handled correctly - Interfaces javax.jnlp.IntegrationService and javax.jnlp.DownloadService2 are now available * Javaws improvments and fixes - PR592: NetX can create invalid desktop entry files - Add a new option -Xclearcache - Removed option -umask - Applications with non-public main classes are now supported. - JNLP files containing <component-desc> as well as <application-desc> will now work - The javaws.desktop file now points explicitly to NetX's javaws binary - PR625: Regression in NetX when dealing with nested jars * Plugin improvements and fixes - PR542: Plugin fails with NPE on http://www.openprocessing.org/visuals/iframe.php?visualID=2615 - PR552: Support for FreeBSD's pthread implementation - PR554: System.err writes content two times - PR556: Applet initialization code is prone to race conditions - PR557: Applet opens in a separate window if tab is closed when the applet loads - PR565: UIDefaults.getUI fails with jgoodies:looks 2.3.1 - PR593: Increment of invalidated iterator in IcedTeaPluginUtils (patch from barbara.xxx1975@libero.it) - PR597: Entities are parsed incorrectly in PARAM tag in applet plugin - PR619: Improper finalization by the plugin can crash the browser - RH665104: OpenJDK Firefox Java plugin loses a cookie - JNLP files referenced in the applet tag are now parsed to detect applet properties - Applets are now double-buffered to eliminate flicker in ones that do heavy drawing