[SECURITY] Fedora 8 Update: seamonkey-1.1.5-2.fc8
updates at fedoraproject.org
updates at fedoraproject.org
Tue Nov 6 16:05:16 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2795
2007-11-06 16:04:47.370645
--------------------------------------------------------------------------------
Name : seamonkey
Product : Fedora 8
Version : 1.1.5
Release : 2.fc8
URL : http://www.mozilla.org/projects/seamonkey/
Summary : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite. It includes
a browser, mail/news client, IRC client, JavaScript debugger, and
a tool to inspect the DOM for web pages. It is derived from the
application formerly known as Mozilla Application Suite.
--------------------------------------------------------------------------------
Update Information:
SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.
By leveraging browser flaws, users could be fooled into possibly surrendering sensitive information (CVE-2007-1095, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334).
Malformed web content could result in the execution of arbitrary commands (CVE-2007-5338, CVE-2007-5339, CVE-2007-5340).
Digest Authentication requests can be used to conduct a response splitting attack (CVE-2007-2292).
The sftp protocol handler could be used to view the contents of arbitrary local files (CVE-2007-5337).
Users of SeaMonkey are advised to upgrade to these erratum packages, which contain patches that correct these issues.
--------------------------------------------------------------------------------
ChangeLog:
* Fri Oct 19 2007 Kai Engert <kengert at redhat.com> - 1.1.5-2
- SeaMonkey 1.1.5
--------------------------------------------------------------------------------
References:
[ 1 ] CVE-2007-1095
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1095
[ 2 ] CVE-2007-3511
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3511
[ 3 ] CVE-2007-3844
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3844
[ 4 ] CVE-2007-5334
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5334
[ 5 ] CVE-2007-5338
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5338
[ 6 ] CVE-2007-5339
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5339
[ 7 ] CVE-2007-5340
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5340
[ 8 ] CVE-2007-2292
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2292
[ 9 ] CVE-2007-5337
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5337
--------------------------------------------------------------------------------
Updated packages:
c60f6ed451ab28753bdb1e4e63b633dcdfd47b4c seamonkey-1.1.5-2.fc8.ppc64.rpm
27210587e95e7d7d6b1326672ce9a3bacd5964d4 seamonkey-debuginfo-1.1.5-2.fc8.ppc64.rpm
55059dc06cc2e93c541246620578fb75b275d265 seamonkey-debuginfo-1.1.5-2.fc8.i386.rpm
888062d92343ed644171624388c3284d954d6ff3 seamonkey-1.1.5-2.fc8.i386.rpm
c0d5fba506b981e93f69e0da898527d6058b3d10 seamonkey-debuginfo-1.1.5-2.fc8.x86_64.rpm
58a80b87cc2c7820d04c44c7b508be00ac6117e4 seamonkey-1.1.5-2.fc8.x86_64.rpm
ebf4c5bad16da246c2b8e3f3ee9e347a76bb2a5e seamonkey-1.1.5-2.fc8.ppc.rpm
5bf1a703b24005aa282d9d7da76df2027ca715f6 seamonkey-debuginfo-1.1.5-2.fc8.ppc.rpm
8df7a8d69a83fa241821fa46fc820cdb6cb60e0e seamonkey-1.1.5-2.fc8.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update seamonkey'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the package-announce
mailing list