Mercurial > hg > release > icedtea6-1.7
view patches/security/20110215/6983554.patch @ 2036:d063b76189d8
Security updates from Oracle SSR.
S6878713, CVE-2010-4469: Hotspot backward jsr heap corruption
S6907662, CVE-2010-4465: Swing timer-based security manager bypass
S6994263, CVE-2010-4472: Untrusted code allowed to replace DSIG/C14N implementation
S6981922, CVE-2010-4448: DNS cache poisoning by untrusted applets
S6983554, CVE-2010-4450: Launcher incorrect processing of empty library path entries
2011-02-09 Andrew John Hughes <ahughes@redhat.com>
* Makefile.am: Add new patches.
* NEWS: Updated.
* patches/icedtea-nio2.patch: Rejigged.
* patches/security/20110215/6878713.patch,
* patches/security/20110215/6907662.patch,
* patches/security/20110215/6981922.patch,
* patches/security/20110215/6983554.patch,
* patches/security/20110215/6994263.patch:
Security updates from Oracle SSR.
author | Andrew John Hughes <ahughes@redhat.com> |
---|---|
date | Wed, 09 Feb 2011 18:54:34 +0000 |
parents | |
children |
line wrap: on
line source
# HG changeset patch # User ksrini # Date 1288026697 25200 # Node ID 547ec9b43edde622a08cc9bae0f4e2efae861796 # Parent 9216ec4e4c1443fe854872630aa8b3726523c0c9 6983554: (launcher) Fix empty user's LD_LIBRARY_PATH environment variable in the launcher Reviewed-by: darcy, ohair, asaha diff --git a/src/solaris/bin/java_md.c b/src/solaris/bin/java_md.c --- openjdk/jdk/src/solaris/bin/java_md.c +++ openjdk/jdk/src/solaris/bin/java_md.c @@ -484,7 +484,7 @@ CreateExecutionEnvironment(int *_argcp, * LD_LIBRARY_PATH. Note that this prevents any possible infinite * loop of execv() because we test for the prefix, above. */ - if (runpath != 0) { + if (runpath != 0 && (runpath[0] != '\0')) { strcat(new_runpath, ":"); strcat(new_runpath, runpath); }