[Bug 356274] Re: [MASTER] Please update seamonkey to latest 1.1.17

Wed, 19 Aug 2009 11:40:46 -0700 

This bug was fixed in the package seamonkey - 1.1.17+nobinonly-
0ubuntu0.8.04.1

---------------
seamonkey (1.1.17+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low

  * New upstream security release: 1.1.17 (LP: #356274)
    - CVE-2009-1841: JavaScript chrome privilege escalation
    - CVE-2009-1838: Arbitrary code execution using event listeners attached to 
an element whose owner document is null
    - CVE-2009-1836: SSL tampering via non-200 responses to proxy CONNECT 
requests
    - CVE-2009-1835: Arbitrary domain cookie access by local file: resources
    - CVE-2009-1392, CVE-2009-1832, CVE-2009-1833: Crashes with evidence of 
memory corruption (rv:1.9.0.11)
    - CVE-2009-1311: POST data sent to wrong site when saving web page with 
embedded frame
    - CVE-2009-1307:  Same-origin violations when Adobe Flash loaded via 
view-source: scheme
    - MFSA 2009-33  Crash viewing multipart/alternative message with 
text/enhanced part
  * removed debian/patches/90_181_484320_attachment_368977.patch
  * removed debian/patches/90_181_485217_attachment_369357.patch
  * removed debian/patches/90_181_485286_attachment_369457.patch
    - update debian/patches/series

 -- John Vivirito <gnomefr...@ubuntu.com>   Mon, 06 Jul 2009 13:20:53
-0400

** Changed in: seamonkey (Ubuntu)
       Status: Triaged => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1307

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1311

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1392

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1832

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1833

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1835

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1836

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1838

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1841

** Changed in: seamonkey (Ubuntu Jaunty)
       Status: Triaged => Fix Released

-- 
[MASTER] Please update seamonkey to latest 1.1.17
https://bugs.launchpad.net/bugs/356274
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to