This bug was fixed in the package openjdk-6 - 6b18~pre4-0ubuntu2 --------------- openjdk-6 (6b18~pre4-0ubuntu2) lucid; urgency=low
* Fix typo in NPPlugin code. LP: #552287. -- Matthias Klose <[email protected]> Wed, 31 Mar 2010 10:41:11 +0200 ** Changed in: openjdk-6 (Ubuntu) Status: Triaged => Fix Released -- IcedTea6 1.8pre (6b18~pre3-0ubuntu1) buffer overflow, possible crasher https://bugs.launchpad.net/bugs/552287 You received this bug notification because you are a member of OpenJDK, which is subscribed to openjdk-6 in ubuntu. Status in “openjdk-6” package in Ubuntu: Fix Released Bug description: See Mozilla bug https://bugzilla.mozilla.org/show_bug.cgi?id=555342. (Apologies for this report, I'm not the person who discovered this bug and am relaying the discoverer's information.) 1) Ubuntu 10.04 b1 2) IcedTea6 1.8pre (6b18~pre3-0ubuntu1) 3) No buffer overflow 4) Buffer overflow See the steps to reproduce in the Mozilla bug; the buffer overflow is more dramatic in Firefox nightlies with out-of-process plugins because it always results in a crash in the plugin subprocesses. It will only sometimes result in a crash of the Firefox process. It's easier to just paste a fix for this bug than describe it more. The diff is against http://icedtea.classpath.org/hg/icedtea6 revision 911fc7449289. Marking security vulnerability for safety; I think this would be hard to exploit. _______________________________________________ Mailing list: https://launchpad.net/~openjdk Post to : [email protected] Unsubscribe : https://launchpad.net/~openjdk More help : https://help.launchpad.net/ListHelp
