This is a patch release correcting a buffer overrun. Thanks to the Microsoft Vulnerability Research team for pointing out this issue.
This update is completely compatible with the previous JSR-231 1.1.1 release. An extension JNLP file which will permanently point at this release is available at
The preferred "current" extension JNLP file for the JOGL 1.x releases has changed because of the upcoming change to the JOGL 2 APIs:
<extension name="jogl" href="http://download.java.net/media/jogl/builds/archive/jsr-231-1.x-webstart-current/jogl.jnlp" />
The previous jsr-231-webstart-current link will live for the indefinite future, but the link above is now the preferred one.
Due to security concerns, all Java Web Start binaries for all previous releases of JOGL have been changed to point to the 1.1.1a binaries, and the webstart zip archives like jsr-231-1.1.1-webstart.zip have been removed. If you have re-hosted the signed JOGL binaries on your own web server, we recommend updating to the 1.1.1a version.
Please post if you run into any problems with this release. More to come soon regarding JOGL 2.