Security update for icedtea-web (important)

The icedtea-web java plugin was updated to 1.6.1.

Changes included:

• Enabled Entry-Point attribute check
• permissions sandbox and signed app and unsigned app with permissions
  all-permissions now run in sandbox instead of not at all.
• fixed DownloadService
• comments in deployment.properties now should persists load/save
• fixed bug in caching of files with query
• fixed issues with recreating of existing shortcut
• trustAll/trustNone now processed correctly
• headless no longer shows dialogues
• RH1231441 Unable to read the text of the buttons of the security dialogue
• Fixed RH1233697 icedtea-web: applet origin spoofing (CVE-2015-5235,
  bsc#944208)
• Fixed RH1233667 icedtea-web: unexpected permanent authorization of
  unsigned applets (CVE-2015-5234, bsc#944209)
• MissingALACAdialog made available also for unsigned applications (but
  ignoring actual manifest value) and fixed
• NetX
  • fixed issues with -html shortcuts
  • fixed issue with -html receiving garbage in width and height
• PolicyEditor
  • file flag made to work when used standalone
  • file flag and main argument cannot be used in combination
• Fix generation of man-pages with some versions of "tail"

Also included is the update to 1.6

• Massively improved offline abilities. Added Xoffline switch to force
  work without inet connection.
• Improved to be able to run with any JDK
• JDK 6 and older no longer supported
• JDK 8 support added (URLPermission granted if applicable)
• JDK 9 supported
• Added support for Entry-Point manifest attribute
• Added KEY_ENABLE_MANIFEST_ATTRIBUTES_CHECK deployment property to
  control scan of Manifest file
• starting arguments now accept also – abbreviations
• Added new documentation
• Added support for menu shortcuts - both javaws applications/applets and
  html applets are supported
• added support for -html switch for javaws. Now you can run most
  of the applets without browser at all
• Control Panel
  • PR1856: ControlPanel UI improvement for lower resolutions (800*600)
• NetX
  • PR1858: Java Console accepts multi-byte encodings
  • PR1859: Java Console UI improvement for lower resolutions (800*600)
  • RH1091563: [abrt] icedtea-web-1.5-2.fc20: Uncaught exception
    java.lang.ClassCastException in method
    sun.applet.PluginAppletViewer$8.run()
  • Dropped support for long unmaintained -basedir argument
  • Returned support for -jnlp argument
  • RH1095311, PR574 - References class sun.misc.Ref removed in OpenJDK 9
    • fixed, and so buildable on JDK9
• Plugin
  • PR1743 - Intermittant deadlock in PluginRequestProcessor
  • PR1298 - LiveConnect - problem setting array elements (applet
    variables) from JS
  • RH1121549: coverity defects
  • Resolves method overloading correctly with superclass heirarchy
    distance
• PolicyEditor
  • codebases can be renamed in-place, copied, and pasted
  • codebase URLs can be copied to system clipboard
  • displays a progress dialog while opening or saving files
  • codebases without permissions assigned save to file anyway (and
    re-appear on next open)
  • PR1776: NullPointer on save-and-exit
  • PR1850: duplicate codebases when launching from security dialogs
  • Fixed bug where clicking "Cancel" on the "Save before Exiting" dialog
    could result in the editor exiting without saving changes
  • Keyboard accelerators and mnemonics greatly improved
  • "File - New" allows editing a new policy without first selecting the
    file to save to
• Common
  • PR1769: support signed applets which specify Sandbox permissions in
    their manifests
• Temporary Permissions in security dialog now multi-selectable and based
  on PolicyEditor permissions

• Update to 1.5.2

• NetX
  • RH1095311, PR574 - References class sun.misc.Ref removed in OpenJDK 9
    • fixed, and so buildable on JDK9
  • RH1154177 - decoded file needed from cache
  • fixed NPE in https dialog
  • empty codebase behaves as "."