-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-7567 2009-07-15 19:57:57 --------------------------------------------------------------------------------
Name : seamonkey Product : Fedora 10 Version : 1.1.17 Release : 1.fc10 URL : http://www.mozilla.org/projects/seamonkey/ Summary : Web browser, e-mail, news, IRC client, HTML editor Description : SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite. -------------------------------------------------------------------------------- Update Information: Update to upstream version 1.1.17, fixing multiple security flaws: http://www.mozilla.org/security/known- vulnerabilities/seamonkey11.html#seamonkey1.1.17 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 10 2009 Martin Stransky <[email protected]> 1.1.17-1 - Update to 1.1.17 * Thu May 7 2009 Kai Engert <[email protected]> 1.1.16-1 - Update to 1.1.16 * Fri Mar 27 2009 Christopher Aillon <[email protected]> - 1.15.1-3 - Add patches for MFSA-2009-12, MFSA-2009-13 * Wed Mar 25 2009 Christopher Aillon <[email protected]> - 1.15.1-2 - Update default homepage * Wed Mar 4 2009 Fedora Security Response Team <[email protected]> - 1.1.15-1 - Update to 1.1.15 * Thu Jan 8 2009 Martin Stransky <[email protected]> 1.1.14-4 - build with -fno-strict-aliasing (#468415) * Wed Jan 7 2009 Christopher Aillon <[email protected]> - 1.1.14-3 - Disable the crash dialog * Mon Jan 5 2009 Martin Stransky <[email protected]> 1.1.14-2 - disabled -O2 optimalization for i386 as a workaround for #468415 * Wed Dec 17 2008 Kai Engert <[email protected]> - 1.1.14-1 - Update to 1.1.14 -------------------------------------------------------------------------------- References: [ 1 ] Bug #507812 - CVE-2009-2210 Thunderbird mail crash https://bugzilla.redhat.com/show_bug.cgi?id=507812 [ 2 ] Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=503583 [ 3 ] Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200 responses to proxy CONNECT requests https://bugzilla.redhat.com/show_bug.cgi?id=503578 [ 4 ] Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw https://bugzilla.redhat.com/show_bug.cgi?id=503580 [ 5 ] Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie access by local file: resources https://bugzilla.redhat.com/show_bug.cgi?id=503576 [ 6 ] Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw https://bugzilla.redhat.com/show_bug.cgi?id=503569 [ 7 ] Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong site when saving web page with embedded frame https://bugzilla.redhat.com/show_bug.cgi?id=496271 [ 8 ] Bug #496263 - CVE-2009-1307 Firefox Same-origin violations when Adobe Flash loaded via view-source: protocol https://bugzilla.redhat.com/show_bug.cgi?id=496263 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update seamonkey' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list [email protected] http://www.redhat.com/mailman/listinfo/fedora-package-announce
