This bug was fixed in the package seamonkey - 1.1.17+nobinonly- 0ubuntu0.8.04.1
--------------- seamonkey (1.1.17+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low * New upstream security release: 1.1.17 (LP: #356274) - CVE-2009-1841: JavaScript chrome privilege escalation - CVE-2009-1838: Arbitrary code execution using event listeners attached to an element whose owner document is null - CVE-2009-1836: SSL tampering via non-200 responses to proxy CONNECT requests - CVE-2009-1835: Arbitrary domain cookie access by local file: resources - CVE-2009-1392, CVE-2009-1832, CVE-2009-1833: Crashes with evidence of memory corruption (rv:1.9.0.11) - CVE-2009-1311: POST data sent to wrong site when saving web page with embedded frame - CVE-2009-1307: Same-origin violations when Adobe Flash loaded via view-source: scheme - MFSA 2009-33 Crash viewing multipart/alternative message with text/enhanced part * removed debian/patches/90_181_484320_attachment_368977.patch * removed debian/patches/90_181_485217_attachment_369357.patch * removed debian/patches/90_181_485286_attachment_369457.patch - update debian/patches/series -- John Vivirito <gnomefr...@ubuntu.com> Mon, 06 Jul 2009 13:20:53 -0400 ** Changed in: seamonkey (Ubuntu) Status: Triaged => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1307 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1311 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1392 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1832 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1833 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1835 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1836 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1838 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2009-1841 ** Changed in: seamonkey (Ubuntu Jaunty) Status: Triaged => Fix Released -- [MASTER] Please update seamonkey to latest 1.1.17 https://bugs.launchpad.net/bugs/356274 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs