Ubuntu: 1505-2: IcedTea-Web regression
Posted by Benjamin D. Thomas   
Ubuntu USN 1505-1 introduced a regression in the IcedTea-Web Java web browserplugin that prevented it from working with the Chromium web browser.
==========================================================================
Ubuntu Security Notice USN-1505-2
August 30, 2012

icedtea-web regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10
- Ubuntu 11.04

Summary:

USN 1505-1 introduced a regression in the IcedTea-Web Java web browser
plugin that prevented it from working with the Chromium web browser.

Software Description:
- icedtea-web: A web browser plugin to execute Java applets

Details:

USN-1505-1 fixed vulnerabilities in OpenJDK 6. As part of the update,
IcedTea-Web packages were upgraded to a new version. That upgrade
introduced a regression which prevented the IcedTea-Web plugin from
working with the Chromium web browser in Ubuntu 11.04 and Ubuntu 11.10.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that multiple flaws existed in the CORBA (Common
 Object Request Broker Architecture) implementation in OpenJDK. An
 attacker could create a Java application or applet that used these
 flaws to bypass Java sandbox restrictions or modify immutable object
 data. (CVE-2012-1711, CVE-2012-1719)

 It was discovered that multiple flaws existed in the OpenJDK font
 manager's layout lookup implementation. A attacker could specially
 craft a font file that could cause a denial of service through
 crashing the JVM (Java Virtual Machine) or possibly execute arbitrary
 code. (CVE-2012-1713)

 It was discovered that the SynthLookAndFeel class from Swing in
 OpenJDK did not properly prevent access to certain UI elements
 from outside the current application context. An attacker could
 create a Java application or applet that used this flaw to cause a
 denial of service through crashing the JVM or bypass Java sandbox
 restrictions. (CVE-2012-1716)

 It was discovered that OpenJDK runtime library classes could create
 temporary files with insecure permissions. A local attacker could
 use this to gain access to sensitive information. (CVE-2012-1717)

 It was discovered that OpenJDK did not handle CRLs (Certificate
 Revocation Lists) properly. A remote attacker could use this to gain
 access to sensitive information. (CVE-2012-1718)

 It was discovered that the OpenJDK HotSpot Virtual Machine did not
 properly verify the bytecode of the class to be executed. A remote
 attacker could create a Java application or applet that used this
 to cause a denial of service through crashing the JVM or bypass Java
 sandbox restrictions. (CVE-2012-1723, CVE-2012-1725)

 It was discovered that the OpenJDK XML (Extensible Markup Language)
 parser did not properly handle some XML documents. An attacker could
 create an XML document that caused a denial of service in a Java
 application or applet parsing the document. (CVE-2012-1724)

 As part of this update, the IcedTea web browser applet plugin was
 updated for Ubuntu 10.04 LTS, Ubuntu 11.04, and Ubuntu 11.10.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
  icedtea-6-plugin                1.2-2ubuntu0.11.10.3

Ubuntu 11.04:
  icedtea-6-plugin                1.2-2ubuntu0.11.04.3

After a standard system update you need to restart your web browser
to make all the necessary changes.

References:
  http://www.ubuntu.com/usn/usn-1505-2
  http://www.ubuntu.com/usn/usn-1505-1
  https://launchpad.net/bugs/1025553

Package Information:
  https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.10.3
  https://launchpad.net/ubuntu/+source/icedtea-web/1.2-2ubuntu0.11.04.3