Critical: icedtea-web (SL6)

By Scientific Linux Team on November 7, 2012

Synopsis: Critical: icedtea-web security update
Issue Date: 2012-11-07
CVE Numbers: CVE-2012-4540

A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a
malicious web page could cause a web browser using the IcedTea-Web plug-in
to crash or, possibly, execute arbitrary code. (CVE-2012-4540)

This erratum also upgrades IcedTea-Web to version 1.2.2.

Web browsers using the IcedTea-Web browser plug-in must be restarted for
this update to take effect.

SL6
x86_64
icedtea-web-1.2.2-1.el6_3.x86_64.rpm
icedtea-web-javadoc-1.2.2-1.el6_3.x86_64.rpm
i386
icedtea-web-1.2.2-1.el6_3.i686.rpm
icedtea-web-javadoc-1.2.2-1.el6_3.i686.rpm

– Scientific Linux Development Team