[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[SECURITY] Fedora 8 Update: seamonkey-1.1.5-2.fc8



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2795
2007-11-06 16:04:47.370645
--------------------------------------------------------------------------------

Name        : seamonkey
Product     : Fedora 8
Version     : 1.1.5
Release     : 2.fc8
URL         : http://www.mozilla.org/projects/seamonkey/
Summary     : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite. It includes
a browser, mail/news client, IRC client, JavaScript debugger, and
a tool to inspect the DOM for web pages. It is derived from the
application formerly known as Mozilla Application Suite.

--------------------------------------------------------------------------------
Update Information:

SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.

By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334).

Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340).

Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292).

The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337).

Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 19 2007 Kai Engert <kengert redhat com> - 1.1.5-2
- SeaMonkey 1.1.5
--------------------------------------------------------------------------------
References:

  [ 1 ] CVE-2007-1095
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095
  [ 2 ] CVE-2007-3511
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511
  [ 3 ] CVE-2007-3844
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844
  [ 4 ] CVE-2007-5334
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334
  [ 5 ] CVE-2007-5338
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338
  [ 6 ] CVE-2007-5339
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
  [ 7 ] CVE-2007-5340
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340
  [ 8 ] CVE-2007-2292
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292
  [ 9 ] CVE-2007-5337
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337
--------------------------------------------------------------------------------
Updated packages:

c60f6ed451ab28753bdb1e4e63b633dcdfd47b4c seamonkey-1.1.5-2.fc8.ppc64.rpm
27210587e95e7d7d6b1326672ce9a3bacd5964d4 seamonkey-debuginfo-1.1.5-2.fc8.ppc64.rpm
55059dc06cc2e93c541246620578fb75b275d265 seamonkey-debuginfo-1.1.5-2.fc8.i386.rpm
888062d92343ed644171624388c3284d954d6ff3 seamonkey-1.1.5-2.fc8.i386.rpm
c0d5fba506b981e93f69e0da898527d6058b3d10 seamonkey-debuginfo-1.1.5-2.fc8.x86_64.rpm
58a80b87cc2c7820d04c44c7b508be00ac6117e4 seamonkey-1.1.5-2.fc8.x86_64.rpm
ebf4c5bad16da246c2b8e3f3ee9e347a76bb2a5e seamonkey-1.1.5-2.fc8.ppc.rpm
5bf1a703b24005aa282d9d7da76df2027ca715f6 seamonkey-debuginfo-1.1.5-2.fc8.ppc.rpm
8df7a8d69a83fa241821fa46fc820cdb6cb60e0e seamonkey-1.1.5-2.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update seamonkey' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]