From the News file in the tarball: New in release 1.12.8 (2014-01-22): * Security fixes - S6727821: Enhance JAAS Configuration - S7068126, CVE-2014-0373: Enhance SNMP statuses - S8010935: Better XML handling - S8011786, CVE-2014-0368: Better applet networking - S8021257, CVE-2013-5896: com.sun.corba.se.** should be on restricted package list - S8022904: Enhance JDBC Parsers - S8022927: Input validation for byte/endian conversions - S8022935: Enhance Apache resolver classes - S8022945: Enhance JNDI implementation classes - S8023057: Enhance start up image display - S8023069, CVE-2014-0411: Enhance TLS connections - S8023245, CVE-2014-0423: Enhance Beans decoding - S8023301: Enhance generic classes - S8023672: Enhance jar file validation - S8024306, CVE-2014-0416: Enhance Subject consistency - S8024530: Enhance font process resilience - S8024867: Enhance logging start up - S8025014: Enhance Security Policy - S8025018, CVE-2014-0376: Enhance JAX-P set up - S8025026, CVE-2013-5878: Enhance canonicalization - S8025034, CVE-2013-5907: Improve layout lookups - S8025448: Enhance listening events - S8025758, CVE-2014-0422: Enhance Naming management - S8025767, CVE-2014-0428: Enhance IIOP Streams - S8026172: Enhance UI Management - S8026176: Enhance document printing - S8026193, CVE-2013-5884: Enhance CORBA stub factories - S8026204: Enhance auth login contexts - S8026417, CVE-2013-5910: Enhance XML canonicalization - S8027201, CVE-2014-0376: Enhance JAX-P set up
Ebuild for icedtea-6.1.13.1 now in tree. Please note: - icedtea-6.1.13.0 is vulnerable as well - those who want to stay with the 1.12 branch for now can find icedtea-6.1.12.8 in the java overlay. *icedtea-6.1.13.1 (29 Jan 2014) 29 Jan 2014; Ralph Sennhauser <sera@gentoo.org> +icedtea-6.1.13.1.ebuild: Security bump #499464
(In reply to Ralph Sennhauser from comment #1) > Ebuild for icedtea-6.1.13.1 now in tree. > > Please note: > - icedtea-6.1.13.0 is vulnerable as well > - those who want to stay with the 1.12 branch for now can find > icedtea-6.1.12.8 in the java overlay. > > > *icedtea-6.1.13.1 (29 Jan 2014) > > 29 Jan 2014; Ralph Sennhauser <sera@gentoo.org> +icedtea-6.1.13.1.ebuild: > Security bump #499464 what about the -bin?
icedtea-bin-6.1.13.3 is being stabilized for bug 508270 which will resolve this as well
I'm just going to close this since no one cares. This version has long gone.