This bug was fixed in the package seamonkey - 1.1.12+nobinonly-0ubuntu1
---------------
seamonkey (1.1.12+nobinonly-0ubuntu1) intrepid; urgency=low
* New security upstream release: 1.1.12 (LP: #276437)
- CVE-2008-4070: Heap overflow when canceling newsgroup message
- CVE-2008-4069: XBM image uninitialized memory reading
- CVE-2008-4067..4068: resource: traversal vulnerabilities
- CVE-2008-4065..4066: BOM characters stripped from JavaScript before
execution
- CVE-2008-4061..4064: Crashes with evidence of memory corruption
- CVE-2008-4058..4060: Privilege escalation via XPCnativeWrapper pollution
- CVE-2008-3837: Forced mouse drag
- CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation
- CVE-2008-0016: UTF-8 URL stack buffer overflow
-- Fabien Tassin <[EMAIL PROTECTED]> Tue, 30 Sep 2008 00:41:24 +0200
** Changed in: seamonkey (Ubuntu Intrepid)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0016
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3835
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3837
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4058
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4061
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4065
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4067
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4069
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-4070
--
security upgrade of seamonkey 1.1.12
https://bugs.launchpad.net/bugs/276437
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
