seamonkey (1.1.13+nobinonly-0ubuntu1) jaunty; urgency=low
* New security upstream release: 1.1.13 (LP: #297789)
- CVE-2008-4582: Information stealing via local shortcut files
- CVE-2008-5012: Image stealing via canvas and HTTP redirect
- CVE-2008-5013: Arbitrary code execution via Flash Player dynamic module
unloading
- CVE-2008-5014: Crash and remote code execution via __proto__ tampering
- CVE-2008-5017: Browser engine crash - Firefox 2 and 3
- CVE-2008-5018: JavaScript engine crashes - Firefox 2 and 3
- CVE-2008-5019: XSS and JavaScript privilege escalation via session restore
- CVE-2008-0017: Buffer overflow in http-index-format parser
- CVE-2008-5021: Crash and remote code execution in nsFrameManager
- CVE-2008-5022: nsXMLHttpRequest::NotifyEventListeners() same-origin
violation
- CVE-2008-5023: -moz-binding property bypasses security checks on codebase
principals
- CVE-2008-5024: Parsing error in E4X default namespace
- CVE-NOTASSIGN (MFSA2008-59): Script access to .documentURI and
.textContent in mail
* re-run autoconf2.13 to update configure patch to changed upstream codebase
- update debian/patches/99_configure.patch
Date: Wed, 26 Nov 2008 14:54:21 +0100
Changed-By: Alexander Sack <[EMAIL PROTECTED]>
Maintainer: Ubuntu Mozilla Team <[EMAIL PROTECTED]>
Signed-By: Alexander Sack <[EMAIL PROTECTED]>
https://launchpad.net/ubuntu/jaunty/+source/seamonkey/1.1.13+nobinonly-0ubuntu1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 26 Nov 2008 14:54:21 +0100
Source: seamonkey
Binary: seamonkey seamonkey-browser seamonkey-gnome-support seamonkey-dev
seamonkey-dbg seamonkey-mailnews seamonkey-chatzilla seamonkey-dom-inspector
mozilla mozilla-browser mozilla-dev mozilla-mailnews mozilla-chatzilla
mozilla-psm mozilla-dom-inspector mozilla-js-debugger mozilla-calendar iceape
iceape-browser iceape-gnome-support iceape-dev iceape-dbg iceape-mailnews
iceape-chatzilla iceape-calendar iceape-dom-inspector
Architecture: source
Version: 1.1.13+nobinonly-0ubuntu1
Distribution: jaunty
Urgency: low
Maintainer: Ubuntu Mozilla Team <[EMAIL PROTECTED]>
Changed-By: Alexander Sack <[EMAIL PROTECTED]>
Description:
iceape - dummy upgrade package for the SeaMonkey Internet Suite
iceape-browser - dummy upgrade package for SeaMonkey Navigator
iceape-calendar - dummy upgrade package for SeaMonkey Navigator
iceape-chatzilla - dummy upgrade package for SeaMonkey Chatzilla IRC client
iceape-dbg - dummy upgrade package for SeaMonkey Debug package
iceape-dev - dummy upgrade package for SeaMonkey SDK
iceape-dom-inspector - dummy upgrade package for the DOM Inspector for the
SeaMonkey Int
iceape-gnome-support - dummy upgrade package for SeaMonkey Gnome Support
iceape-mailnews - dummy upgrade package for SeaMonkey Mail & Newsgroups and
Address
mozilla - dummy upgrade package for the SeaMonkey Internet Suite
mozilla-browser - dummy upgrade package for SeaMonkey Navigator and Composer
mozilla-calendar - dummy upgrade package for SeaMonkey Calendar
mozilla-chatzilla - dummy upgrade package for SeaMonkey Chatzilla IRC client
mozilla-dev - dummy upgrade package for development file for the SeaMonkey Inte
mozilla-dom-inspector - dummy upgrade package for the DOM Inspector for the
SeaMonkey Int
mozilla-js-debugger - dummy upgrade package for venkman
mozilla-mailnews - dummy upgrade package for SeaMonkey Mail & Newsgroups and
Address
mozilla-psm - dummy upgrade package for SeaMonkey Navigator
seamonkey - The Seamonkey Internet Suite
seamonkey-browser - Seamonkey Navigator (Internet browser) and Composer
seamonkey-chatzilla - Seamonkey Chatzilla IRC client
seamonkey-dbg - Debugging symbols for the Seamonkey Internet Suite
seamonkey-dev - Development files for the Seamonkey Internet Suite
seamonkey-dom-inspector - DOM inspector for the Seamonkey Internet Suite
seamonkey-gnome-support - Gnome support for the Seamonkey Internet Suite
seamonkey-mailnews - Seamonkey Mail & Newsgroups and Address Book
Launchpad-Bugs-Fixed: 297789
Changes:
seamonkey (1.1.13+nobinonly-0ubuntu1) jaunty; urgency=low
.
* New security upstream release: 1.1.13 (LP: #297789)
- CVE-2008-4582: Information stealing via local shortcut files
- CVE-2008-5012: Image stealing via canvas and HTTP redirect
- CVE-2008-5013: Arbitrary code execution via Flash Player dynamic module
unloading
- CVE-2008-5014: Crash and remote code execution via __proto__ tampering
- CVE-2008-5017: Browser engine crash - Firefox 2 and 3
- CVE-2008-5018: JavaScript engine crashes - Firefox 2 and 3
- CVE-2008-5019: XSS and JavaScript privilege escalation via session
restore
- CVE-2008-0017: Buffer overflow in http-index-format parser
- CVE-2008-5021: Crash and remote code execution in nsFrameManager
- CVE-2008-5022: nsXMLHttpRequest::NotifyEventListeners() same-origin
violation
- CVE-2008-5023: -moz-binding property bypasses security checks on
codebase principals
- CVE-2008-5024: Parsing error in E4X default namespace
- CVE-NOTASSIGN (MFSA2008-59): Script access to .documentURI and
.textContent in mail
.
* re-run autoconf2.13 to update configure patch to changed upstream codebase
- update debian/patches/99_configure.patch
Checksums-Sha1:
af70dc2ff0e1da264d0cfd47f10ff6d5803bc43b 2696
seamonkey_1.1.13+nobinonly-0ubuntu1.dsc
b9d561138efe91fade6b252adca49a928d5bc371 45469587
seamonkey_1.1.13+nobinonly.orig.tar.gz
0f4560625728fa58d1c1f4308fc11adf6dd1adaa 141675
seamonkey_1.1.13+nobinonly-0ubuntu1.diff.gz
Checksums-Sha256:
882ec94ca89944542040786fba3700659e578d3715fd8fe80656581d7624a2a1 2696
seamonkey_1.1.13+nobinonly-0ubuntu1.dsc
c8e7b3e6367a18fe6045e7e6764aee374c0222b65cbc924d7d691dc68a3ff823 45469587
seamonkey_1.1.13+nobinonly.orig.tar.gz
8460ccf3977ca93429599cf05cdc1881b9f5bb6c718fe1e7f19b9c235f8dc945 141675
seamonkey_1.1.13+nobinonly-0ubuntu1.diff.gz
Files:
2c17a200caece543355df4e6841f64a6 2696 net optional
seamonkey_1.1.13+nobinonly-0ubuntu1.dsc
6eecb7d565a80a94139e87321d83df15 45469587 net optional
seamonkey_1.1.13+nobinonly.orig.tar.gz
8edc95b518ecec1f8cdf92634862eacc 141675 net optional
seamonkey_1.1.13+nobinonly-0ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQIcBAEBAgAGBQJJLVcdAAoJEKBE/gcUDGZkWUoP/A7DkptWCXbOxGeRe3iSE75K
t5jnYsF9EwofnkBeN8MWn0Pe5keykRsE5RSRqfK0C3ufzsEeHXXAjVYd9j5reeYN
ElfDg39IGrW8z0uXLNFvPGjWbKUkw8DzGrhNGD7zRz6L+ykMtvkqZqkpDW2AHSJ0
a/eRg+OIlc2Xz25dHmmLywq7qPTQr2yoxFjaa+0LJN4HAgO2izQ/gf+25bVMcZaq
p+RDqq/sEbc8bPT6o7o4L0nIxVX53jXvbwSuPT8gTPtfqyFh+XktrJvkfvkx06ku
eNtHTKuyORENexCNukHSEEKrk6vbYqgxBji2j9t2IhaZbQIzTwaTjYeO4WL/xoAZ
ldPMBB6YGrvEMUr6mgcLBIRECSFVJ+1x9egQd3GCL/cKGYHmS2nfM/cL4N982bP1
g+sqdY1gIexCKtaHKxzUR2cyv/mYf2OWiPGvhy14+s8XK2UKHqBOTX5IWq3GCBmS
13U/+izXBZkw25ZLQ4WVqePPy11FWeeMseiZfjEBWvRff6iW7cnsuhmxwOYhGGKR
p92jN89Bthpk6uBut2CNCsJzyjfiElG3UtZ7kjvWqeDdPIYan8CuTWEWlxNGFfDt
XLmxtYtvYIfwUdCP7b8lu3sbKV68A15NGcL8sFYwv02o99vAfIdzIhw4Yrk+JVFR
zeXirp3/I/+hx/IaVhV6
=DRHU
-----END PGP SIGNATURE-----
--
Jaunty-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/jaunty-changes
