USN-2131-1: IcedTea Web vulnerability
06 March 2014
IcedTea Web could be made to expose or alter sensitive information.
- icedtea-web - A web browser plugin to execute Java applets
Michael Scherer discovered that IcedTea Web created temporary directories
in an unsafe fashion. A local attacker could possibly use this issue to
obtain or modify sensitive information from other local user sessions.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart your browser to make all
the necessary changes.