Mercurial > hg > release > icedtea-web-1.3
changeset 503:b8bd24f0aad1
Merge
| author | Deepak Bhole <dbhole@redhat.com> |
|---|---|
| date | Wed, 07 Nov 2012 13:06:52 -0500 |
| parents | fa508a6abb25 (diff) 0cea56c371db (current diff) |
| children | b96993bf1061 |
| files | ChangeLog |
| diffstat | 5 files changed, 29 insertions(+), 17 deletions(-) [+] |
line wrap: on
line diff
--- a/.hgtags Fri Nov 02 13:48:52 2012 +0100 +++ b/.hgtags Wed Nov 07 13:06:52 2012 -0500 @@ -2,3 +2,4 @@ b605505179459c9f2119e4dfde999fc6300e4c87 icedtea-web-1.1-branchpoint 41f03d932cdf040a89d09c5683fcc7dac6fd2003 icedtea-web-1.2-branchpoint 03ac5dc76069aac927946ccc26698f52e1965260 icedtea-web-1.3 +89d481ff6266fdd80f65afeb41b22f23e8371350 icedtea-web-1.3.1
--- a/ChangeLog Fri Nov 02 13:48:52 2012 +0100 +++ b/ChangeLog Wed Nov 07 13:06:52 2012 -0500 @@ -21,6 +21,23 @@ * tests/reproducers/custom/AppletFolderInArchiveTag/srcs/Makefile: and * tests/reproducers/custom/UnsignedContentInMETAINF/srcs/Makefile: following above renaming +2012-11-01 Deepak Bhole <dbhole@redhat.com> + + * configure.ac: Prepare for 1.3.2 + * NEWS: Same + +2012-11-01 Deepak Bhole <dbhole@redhat.com> + + * configure.ac: Prepare for 1.3.1 + * NEWS: Same + +2012-11-01 Deepak Bhole <dbhole@redhat.com> + + CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event + attached to applet + * plugin/icedteanp/IcedTeaScriptablePluginObject.cc: Removed unnecessary + heap allocations. + 2012-09-17 Deepak Bhole <dbhole@redhat.com> PR1161: X509VariableTrustManager does not work correctly with OpenJDK7
--- a/NEWS Fri Nov 02 13:48:52 2012 +0100 +++ b/NEWS Wed Nov 07 13:06:52 2012 -0500 @@ -8,7 +8,13 @@ CVE-XXXX-YYYY: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=XXXX-YYYY -New in release 1.3.1 (2012-XX-XX): +New in release 1.3.2 (2012-XX-XX): + +New in release 1.3.1 (2012-11-07): +* Security Updates + - CVE-2012-4540, RH869040: Heap-based buffer overflow after triggering event attached to applet +* Common + - PR1161: X509VariableTrustManager does not work correctly with OpenJDK7 New in release 1.3 (2012-09-04): * Security updates
--- a/configure.ac Fri Nov 02 13:48:52 2012 +0100 +++ b/configure.ac Wed Nov 07 13:06:52 2012 -0500 @@ -1,4 +1,4 @@ -AC_INIT([icedtea-web],[1.3.1pre],[distro-pkg-dev@openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web]) +AC_INIT([icedtea-web],[1.3.2pre],[distro-pkg-dev@openjdk.java.net], [icedtea-web], [http://icedtea.classpath.org/wiki/IcedTea-Web]) AM_INIT_AUTOMAKE([1.9 tar-pax foreign]) AC_CONFIG_FILES([Makefile netx.manifest])
--- a/plugin/icedteanp/IcedTeaScriptablePluginObject.cc Fri Nov 02 13:48:52 2012 +0100 +++ b/plugin/icedteanp/IcedTeaScriptablePluginObject.cc Wed Nov 07 13:06:52 2012 -0500 @@ -591,10 +591,7 @@ if (java_result->error_occurred) { - // error message must be allocated on heap - char* error_msg = (char*) malloc(java_result->error_msg->length()*sizeof(char)); - strcpy(error_msg, java_result->error_msg->c_str()); - browser_functions.setexception(npobj, error_msg); + browser_functions.setexception(npobj, java_result->error_msg->c_str()); return false; } @@ -853,11 +850,7 @@ createJavaObjectFromVariant(instance, args[i], &id); if (id == "0") { - // error message must be allocated on heap - char* error_msg = (char*) malloc(1024*sizeof(char)); - strcpy(error_msg, "Unable to create argument on Java side"); - - browser_functions.setexception(npobj, error_msg); + browser_functions.setexception(npobj, "Unable to create argument on Java side"); return false; } @@ -871,12 +864,7 @@ if (java_result->error_occurred) { - // error message must be allocated on heap - int length = java_result->error_msg->length(); - char* error_msg = (char*) malloc((length+1)*sizeof(char)); - strcpy(error_msg, java_result->error_msg->c_str()); - - browser_functions.setexception(npobj, error_msg); + browser_functions.setexception(npobj, java_result->error_msg->c_str()); return false; }