changeset 513:25dd7c7ac39c

Fixed CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path.
author Jiri Vanek <jvanek@redhat.com>
date Thu, 11 Apr 2013 12:29:47 +0200
parents c8544250d5b2
children 88fb945c9397
files ChangeLog NEWS netx/net/sourceforge/jnlp/NetxPanel.java
diffstat 3 files changed, 10 insertions(+), 7 deletions(-)
--- a/ChangeLog	Wed Apr 10 18:31:56 2013 +0200
+++ b/ChangeLog	Thu Apr 11 12:29:47 2013 +0200
@@ -1,3 +1,10 @@
+2013-04-11 Adam Domurad  <adomurad@redhat.com>
+
+	CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with
+	same relative-path.
+	* netx/net/sourceforge/jnlp/NetxPanel.java: (NetxPanel) Construct
+	unique-key with absolute path
+
 2013-04-10  Jiri Vanek <jvanek@redhat.com>
 
 	Fixed gifar vulnereability with automated testcase
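Review bot: the entry's description "Construct unique-key with absolute path" understates the change; the code now keys on getCodeBase().toExternalForm(), which is the fully resolved codebase URL (scheme and host included), not just an absolute path, so the ChangeLog should say "resolved absolute codebase URL" to match what was committed. Also, the date/name header of the new entry uses a single space between the date and the author name, whereas the neighbouring 2013-04-10 entry uses two; keep the ChangeLog header format consistent.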
--- a/NEWS	Wed Apr 10 18:31:56 2013 +0200
+++ b/NEWS	Thu Apr 11 12:29:47 2013 +0200
@@ -10,7 +10,8 @@
 
 New in release 1.3.2 (2013-04-17):
 * Security Updates
-  - CVE-2013-1927, RH884705 - fixed gifar vulnerability
+  - CVE-2013-1927, RH884705: fixed gifar vulnerability
+  - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path.
 * Common
   - Added new option in itw-settings which allows users to set JVM arguments when plugin is initialized.
 * Plugin
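Review bot: minor style point in the Security Updates list: the new CVE-2013-1926 line ends with a period while the CVE-2013-1927 line directly above it does not; make the two entries consistent.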
--- a/netx/net/sourceforge/jnlp/NetxPanel.java	Wed Apr 10 18:31:56 2013 +0200
+++ b/netx/net/sourceforge/jnlp/NetxPanel.java	Thu Apr 11 12:29:47 2013 +0200
@@ -77,11 +77,6 @@
          * bad tag cannot trick the loader into getting shared with another.
          */
 
-        // Firefox sometimes skips the codebase if it is default  -- ".", 
-        // so set it that way if absent
-        String codebaseAttr =      atts.get("codebase") != null ?
-                                   atts.get("codebase") : ".";
-
         String cache_archiveAttr = atts.get("cache_archive") != null ? 
                                    atts.get("cache_archive") : "";
 
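Review bot: the comment block that still ends with "bad tag cannot trick the loader into getting shared with another" no longer describes the key construction accurately now that the codebase default and its Firefox note are gone; update it to state the new invariant, namely that the key uses the resolved absolute codebase URL rather than the raw codebase attribute, so two applets whose relative codebases resolve to different locations cannot share a class loader. The removed comment also documented that Firefox omits the codebase attribute when it defaults to "."; confirm that whatever now resolves a missing attribute still yields the document-relative base, so that fallback behaviour is preserved rather than silently dropped.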
@@ -91,7 +86,7 @@
         String archiveAttr =       atts.get("archive") != null ? 
                                    atts.get("archive") : "";
 
-        this.uKey = "codebase=" + codebaseAttr +
+        this.uKey = "codebase=" + getCodeBase().toExternalForm() +
                     "cache_archive=" + cache_archiveAttr + 
                     "java_archive=" + java_archiveAttr + 
                     "archive=" +  archiveAttr;
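Review bot: getCodeBase().toExternalForm() is called with no null check; confirm getCodeBase() is guaranteed to be set before NetxPanel reaches this line, otherwise an applet with no resolvable codebase turns into a NullPointerException in the constructor rather than a usable key. Separately, the four fields are concatenated with no delimiter between a value and the next field name ("codebase=" + url + "cache_archive=" + ...), so the boundary between one attacker-supplied attribute value and the following field is ambiguous; insert a separator that cannot occur in a URL or attribute value between fields, or length-prefix each value, so that distinct attribute sets cannot collapse to the same key.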