Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 421031 (CVE-2012-1711)

Summary: <dev-java/icedtea{,-bin}-{,}: multiple vulnerabilities (CVE-2012-{1711,1717,1716,1713,1719,1718,1723,1724,1725,1726})
Product: Gentoo Security Reporter: Andrew John Hughes <gnu_andrew>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: caster, java, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Andrew John Hughes 2012-06-13 20:22:42 UTC
New IcedTea security releases are available:

The builds in dev-java/icedtea all need replacing with those from java-overlay.

Note that CVE-2012-1726 only affects IcedTea 2.x.
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2012-06-15 14:10:48 UTC
Thanks for the report, Andrew.
Comment 2 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2012-06-16 17:15:34 UTC
Please stabilize dev-java/icedtea-bin-
Comment 3 Jeff (JD) Horelick (RETIRED) gentoo-dev 2012-06-17 06:24:09 UTC
x86 stable
Comment 4 Agostino Sarubbo gentoo-dev 2012-06-17 12:33:23 UTC
(In reply to comment #2)
> Please stabilize dev-java/icedtea-bin-

Please hide QA notice for ldflags
Comment 5 Agostino Sarubbo gentoo-dev 2012-06-17 15:01:56 UTC
amd64 stable
Comment 6 Sean Amoss (RETIRED) gentoo-dev Security 2012-06-18 22:53:15 UTC
Adding to existing GLSA draft (icedtea-bin). 

Reverting back to [ebuild] state while we wait for updated dev-java/icedtea.
Comment 7 Ralph Sennhauser (RETIRED) gentoo-dev 2012-06-19 21:05:42 UTC
Updated ebuilds are now in tree. Thanks to Andrew for the ebuilds and the extra effort spent on cacao.
Comment 8 Sean Amoss (RETIRED) gentoo-dev Security 2012-06-22 19:32:31 UTC
Thanks, everyone.

GLSA draft ready for review.
Comment 9 James Le Cuirot gentoo-dev 2015-05-10 21:37:10 UTC
I'm just going to close this since no one cares. These versions have long gone.