From Mageia wiki
MGASA-2012-0329
| Date: | November 9th, 2012 |
| Affected releases: | 1, 2 |
Description:
Updated icedtea-web packages fix security vulnerability:
A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a
malicious web page could cause a web browser using the IcedTea-Web plug-in
to crash or, possibly, execute arbitrary code (CVE-2012-4540).
Updated Packages:
Mageia 1:
icedtea-web-1.1.7-1.mga1
icedtea-web-javadoc-1.1.7-1.mga1
Mageia 2:
icedtea-web-1.3.1-1.mga2
icedtea-web-javadoc-1.3.1-1.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4540
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-November/020775.html
https://rhn.redhat.com/errata/RHSA-2012-1434.html
https://bugs.mageia.org/show_bug.cgi?id=8020
