RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass

author: Deepak Bhole <[email protected]> 2011-10-28 14:29:21 -0400
committer: Deepak Bhole <[email protected]> 2011-10-28 14:29:21 -0400
commit: fa8353ea0077bca56e22962c47354454e75278c4 (patch)
tree: d1b842c44c506a0ed8e16b9e70f37facc922f999 /NEWS
parent: da0c8484f75a0102514f9bc7b68c8f53440789eb (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 7677244..218b702 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,7 @@ New in release 1.2 (2011-XX-XX):
 * Security updates:
 	- RH718164, CVE-2011-2513: Home directory path disclosure to untrusted applications
 	- RH718170, CVE-2011-2514: Java Web Start security warning dialog manipulation
+	- RH742515, CVE-2011-3377: IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass
 * NetX
   - PR618: Can't install OpenDJ, JavaWebStart fails with Input stream is null error
   - PR765: JNLP file with all resource jars marked as 'lazy' fails to validate signature and stops the launch of application
author	Deepak Bhole <[email protected]>	2011-10-28 14:29:21 -0400
committer	Deepak Bhole <[email protected]>	2011-10-28 14:29:21 -0400
commit	fa8353ea0077bca56e22962c47354454e75278c4 (patch)
tree	d1b842c44c506a0ed8e16b9e70f37facc922f999 /NEWS
parent	da0c8484f75a0102514f9bc7b68c8f53440789eb (diff)