SUSE-SU-2012:1511-1: moderate: Security update for icedtea-web

sle-security-updates at sle-security-updates at
Tue Nov 20 10:08:42 MST 2012

   SUSE Security Update: Security update for icedtea-web

Announcement ID:    SUSE-SU-2012:1511-1
Rating:             moderate
References:         #784859 #785333 #786775 #787846 
Cross-References:   CVE-2012-4540
Affected Products:
                    SUSE Linux Enterprise Desktop 11 SP2

   An update that solves one vulnerability and has three fixes
   is now available. It includes one version update.


   The IcedTea-Web Java plugin has been updated to version
   1.3.1 to fix  various bugs and security issues.

   1.3.1 changes:

   * Security Updates o CVE-2012-4540, RH869040:
   Heap-based buffer overflow after triggering event attached
   to applet
   * Common o PR1161: X509VariableTrustManager does not
   work correctly with OpenJDK7 fixes the self-signed issue
   (mentioned in bnc#784859, bnc#785333, bnc#786775)

   Security Issue reference:

   * CVE-2012-4540

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-icedtea-web-7041

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.3.1]:



More information about the sle-security-updates mailing list