Mercurial > hg > release > icedtea-web-1.0

view NEWS @ 104:ce4eb836f592

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix PR638: JNLPClassLoader.loadClass(String name) can return null 2011-02-22 Omair Majid <omajid@redhat.com> Mark Greenwood <mark@dcs.shef.ac.uk> Fix PR638 * NEWS: Update with fix. * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java (loadClass): Throw ClassNotFoundException instead of returning null. * AUTHORS: Update.
author Omair Majid <omajid@redhat.com>
date Tue, 22 Feb 2011 19:19:31 -0500
parents a7550fb352c5
children 05e15b654ff0
line wrap: on
line source

Key:

SX  - http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=X
PRX - http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=X
RHX - https://bugzilla.redhat.com/show_bug.cgi?id=X
DX  - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=X
GX  - http://bugs.gentoo.org/show_bug.cgi?id=X

CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY

New in release 1.0.2 (2011-XX-XX):
* Common Fixes and Improvements
  - PR638: JNLPClassLoader.loadClass(String name) can return null

New in release 1.0.1 (2011-02-15):

* Security updates
  - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries 
  - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation

New in release 1.0 (2011-02-02):

* Initial release of IcedTea-Web
* Security updates
  - RH645843, CVE-2010-3860: IcedTea System property information leak via public static
  - RH663680, CVE-2010-4351: IcedTea JNLP SecurityManager bypass
  - RH672262, CVE-2011-0025: IcedTea jarfile signature verification bypass
* New Features
  - IcedTea-Web now uses a deployment.properties file to specify configuration
  - System-level as well as user-level deployment.properties files with locked configuration are supported
  - Preview of a Control Panel that allows configuring IcedTea-Web using a GUI
  - Static proxies are now supported using the deployment.properties file
  - User prompts can now be configured using the deployment.properties
  - Applications and applets can now have a Look and Feel different from rest of IcedTea-Web
* Common improvements and fixes
  - Clean up native directories on exit
  - Cached files with special characters in filenames are now handled correctly
  - Interfaces javax.jnlp.IntegrationService and javax.jnlp.DownloadService2 are now available
* Javaws improvments and fixes
  - PR592: NetX can create invalid desktop entry files
  - Add a new option -Xclearcache
  - Removed option -umask
  - Applications with non-public main classes are now supported.
  - JNLP files containing <component-desc> as well as <application-desc> will now work
  - The javaws.desktop file now points explicitly to NetX's javaws binary
  - PR625: Regression in NetX when dealing with nested jars
* Plugin improvements and fixes
  - PR542: Plugin fails with NPE on http://www.openprocessing.org/visuals/iframe.php?visualID=2615
  - PR552: Support for FreeBSD's pthread implementation
  - PR554: System.err writes content two times
  - PR556: Applet initialization code is prone to race conditions
  - PR557: Applet opens in a separate window if tab is closed when the applet loads
  - PR565: UIDefaults.getUI fails with jgoodies:looks 2.3.1
  - PR593: Increment of invalidated iterator in IcedTeaPluginUtils (patch from barbara.xxx1975@libero.it)
  - PR597: Entities are parsed incorrectly in PARAM tag in applet plugin
  - PR619: Improper finalization by the plugin can crash the browser
  - RH665104: OpenJDK Firefox Java plugin loses a cookie
  - JNLP files referenced in the applet tag are now parsed to detect applet properties
  - Applets are now double-buffered to eliminate flicker in ones that do heavy drawing