Debian Package Tracker

general

source: icedtea-web (main)
version: 1.6.2-3.1
maintainer: OpenJDK Team (archive) [DMD]
uploaders: Damien Raude-Morvan [DMD] – Matthias Klose [DMD]
arch: all amd64 arm64 armel armhf hurd-i386 i386 ia64 kfreebsd-amd64 kfreebsd-i386 powerpc ppc64 ppc64el s390 s390x sparc x32
std-ver: 3.9.6
VCS: Bazaar (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.4-3~deb7u2
o-o-sec: 1.4-3~deb7u3
oldstable: 1.5.3-1
stable: 1.6.2-3.1
testing: 1.6.2-3.1
unstable: 1.6.2-3.1

versioned links

1.4-3~deb7u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4-3~deb7u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.5.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.6.2-3.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

icedtea-8-plugin
icedtea-netx
icedtea-netx-common
icedtea-plugin

action needed

A new upstream version is available: 1.7.1 high

A new upstream version 1.7.1 is available, you should consider packaging it.

Created: 2017-11-21 Last update: 2018-04-25 20:07

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.1.4 instead of 3.9.6).

Created: 2016-02-06 Last update: 2018-04-16 20:50

The VCS repository is not up to date, consider pushing the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2017-12-03 Last update: 2018-04-15 08:20

lintian reports 9 warnings high

Lintian reports 9 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2016-02-08 Last update: 2017-11-01 07:15

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2016-04-06 Last update: 2018-04-25 20:21

Depends on packages which need a new maintainer normal

The packages that icedtea-web depends on which need a new maintainer are:

npapi-sdk (#856737)
- Build-Depends: npapi-sdk-dev

Created: 2017-12-02 Last update: 2018-04-25 20:16

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-02-04 Last update: 2018-04-25 19:43

3 ignored security issues in wheezy low

There are 3 open security issues in wheezy.

3 issues skipped by the security teams:

CVE-2015-5234: IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
CVE-2013-6493: The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
CVE-2015-5235: IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.

Please fix them.

Created: 2015-07-12 Last update: 2017-12-30 19:43

news

[rss feed]

[2017-01-25] icedtea-web 1.6.2-3.1 MIGRATED to testing (Debian testing watch)
[2017-01-14] Accepted icedtea-web 1.6.2-3.1 (source) into unstable (Adrian Bunk)
[2016-08-05] Accepted icedtea-web 1.4-3~deb7u3 (source all amd64) into oldstable (Emilio Pozuelo Monfort)
[2016-05-25] Accepted icedtea-web 1.5.3-1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Moritz Mühlenhoff)
[2016-05-04] Accepted icedtea-web 1.4-3~deb7u2 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Salvatore Bonaccorso)
[2016-05-04] Accepted icedtea-web 1.4-3~deb7u1 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Moritz Mühlenhoff)
[2016-04-22] icedtea-web 1.6.2-3 MIGRATED to testing (Debian testing watch)
[2016-04-16] Accepted icedtea-web 1.6.2-3 (source amd64 all) into unstable (Matthias Klose)
[2016-02-07] Accepted icedtea-web 1.6.2-2 (source amd64 all) into unstable (Matthias Klose)
[2016-02-06] Accepted icedtea-web 1.6.2-1 (source amd64 all) into unstable (Matthias Klose)
[2016-02-03] icedtea-web 1.6.1-4 MIGRATED to testing (Debian testing watch)
[2016-01-28] Accepted icedtea-web 1.6.1-4 (source amd64 all) into unstable (Matthias Klose)
[2016-01-27] Accepted icedtea-web 1.6.1-3 (source amd64 all) into unstable (Matthias Klose)
[2016-01-26] Accepted icedtea-web 1.6.1-2 (source amd64 all) into unstable (Matthias Klose)
[2016-01-26] Accepted icedtea-web 1.6.1-1 (source amd64 all) into unstable, unstable (Matthias Klose)
[2015-04-27] icedtea-web 1.5.2-1.1 MIGRATED to testing (Britney)
[2015-03-30] icedtea-web 1.5-2+deb8u1 MIGRATED to testing (Britney)
[2015-03-29] Accepted icedtea-web 1.5-2+deb8u1 (source amd64 all) into testing-proposed-updates (Gilles Filippini)
[2015-03-24] Accepted icedtea-web 1.5.2-1.1 (source amd64 all) into unstable (Gilles Filippini)
[2014-11-28] Accepted icedtea-web 1.5.2-1 (source amd64 all) into unstable (Matthias Klose)
[2014-11-21] Accepted icedtea-web 1.5.2~rc1-1 (source amd64 all) into unstable (Matthias Klose)
[2014-08-21] Accepted icedtea-web 1.5.1-1 (source amd64 all) into unstable (Matthias Klose)
[2014-07-05] icedtea-web 1.5-2 MIGRATED to testing (Britney)
[2014-06-30] Accepted icedtea-web 1.5-2 (source amd64 all) (Matthias Klose)
[2014-04-13] icedtea-web 1.5-1 MIGRATED to testing (Debian testing watch)
[2014-04-07] Accepted icedtea-web 1.5-1 (source amd64 all) (Matthias Klose)
[2014-03-10] icedtea-web 1.4.2-1 MIGRATED to testing (Debian testing watch)
[2014-02-05] Accepted icedtea-web 1.4.2-1 (source amd64 all) (Matthias Klose)
[2013-10-19] Accepted icedtea-web 1.4.1-1 (source amd64 all) (Matthias Klose)
[2013-10-01] Accepted icedtea-web 1.4-3.1 (source amd64 all) (Salvatore Bonaccorso)

bugs [bug history graph]

all: 58 60
RC: 2
I&N: 51 53
M&W: 5
F&P: 0

links

homepage
lintian (0, 9)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.6.2-3.1ubuntu3
64 bugs (1 patch)
patches for 1.6.2-3.1ubuntu3