SUSE-SU-2013:0717-1: moderate: Security update for icedtea-web

sle-updates at sle-updates at
Fri Apr 26 23:04:27 MDT 2013

   SUSE Security Update: Security update for icedtea-web

Announcement ID:    SUSE-SU-2013:0717-1
Rating:             moderate
References:         #815596 
Cross-References:   CVE-2013-1926 CVE-2013-1927
Affected Products:
                    SUSE Linux Enterprise Desktop 11 SP2

   An update that fixes two vulnerabilities is now available.
   It includes one version update.


   This update to version 1.3.2 fixes several security updates
   and common  fixes. (bnc#815596)

   Security Updates

   * CVE-2013-1927: fixed gifar vulnerability
   * CVE-2013-1926: Class-loader incorrectly shared for
   applets with same relative-path.


   * Added new option in itw-settings which allows users
   to set JVM arguments when plugin is initialized. NetX
   * PR580: loads improperly


   * PR1260: IcedTea-Web should not rely on GTK obsoletes
   * PR1157: Applets can hang browser after fatal exception

   Security Issue references:

   * CVE-2013-1926
   * CVE-2013-1927

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Desktop 11 SP2:

      zypper in -t patch sledsp2-icedtea-web-7642

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64) [New Version: 1.3.2]:



More information about the sle-updates mailing list