changeset 100:9199a6ec1f0c

Fixed RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
author Deepak Bhole <dbhole@redhat.com>
date Mon, 14 Feb 2011 14:00:58 -0500
parents af8d359d6daa
children 6af7ac54a177
files ChangeLog NEWS netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
diffstat 3 files changed, 16 insertions(+), 1 deletions(-)
--- a/ChangeLog	Mon Feb 14 13:59:55 2011 -0500
+++ b/ChangeLog	Mon Feb 14 14:00:58 2011 -0500
@@ -1,3 +1,11 @@
+2011-02-11  Omair Majid  <omajid@redhat.com>
+
+	RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
+	* NEWS: Updated.
+	* netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java
+	(initializeResources): Assign appropriate security descriptor based on
+	code signing.
+
 2011-02-11  Deepak Bhole <dbhole@redhat.com>
 
 	Fix S6983554, CVE-2010-4450: Launcher incorrect processing of empty
--- a/NEWS	Mon Feb 14 13:59:55 2011 -0500
+++ b/NEWS	Mon Feb 14 14:00:58 2011 -0500
@@ -12,6 +12,7 @@
 
 * Security updates
   - S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries 
+  - RH677332, CVE-2011-0706: IcedTea multiple signers privilege escalation
 
 New in release 1.0 (2011-02-02):
 
--- a/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Feb 14 13:59:55 2011 -0500
+++ b/netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java	Mon Feb 14 14:00:58 2011 -0500
@@ -479,9 +479,15 @@
                         codebase = file.getResources().getMainJAR().getLocation();
                     }
 
-                    jarSecurity = new SecurityDesc(file,
+                    if (signing) {
+                        jarSecurity = new SecurityDesc(file,
                                                         SecurityDesc.ALL_PERMISSIONS,
                                                         codebase.getHost());
+                    } else {
+                        jarSecurity = new SecurityDesc(file,
+                                                        SecurityDesc.SANDBOX_PERMISSIONS,
+                                                        codebase.getHost());
+                    }
                 }
 
                 jarLocationSecurityMap.put(location, jarSecurity);
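Review bot: the `signing` flag that chooses between ALL_PERMISSIONS and SANDBOX_PERMISSIONS is assigned outside this hunk, so please confirm it reflects the verification result for the JAR at `location` rather than whether any JAR in the application carried a valid signature; for a fix titled "multiple signers privilege escalation", an application-wide flag would still let an unsigned JAR inherit the descriptor earned by a signed one, and a per-JAR assertion in the test suite would lock that in. Minor style point: the two branches differ only in the permission constant, so the construction could be written once as `jarSecurity = new SecurityDesc(file, signing ? SecurityDesc.ALL_PERMISSIONS : SecurityDesc.SANDBOX_PERMISSIONS, codebase.getHost());`, which also keeps the `codebase.getHost()` call in a single place.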