SeaMonkey 1.1.3 and CVE-2007-3845
tmz at pobox.com
Wed Oct 3 23:05:40 UTC 2007
Michael C wrote:
> I've just installed Fedora 7 and downloaded Seamonkey, only to find that
> the repositories still contain version 1.1.3. This is subject to a
> critical, cross-platform vulnerability
> (https://bugzilla.mozilla.org/show_bug.cgi?id=389106) fixed as of
> version 1.1.4, released on August 3.
> What's the most appropriate means of requesting an update?
bugzilla.redhat.com is the way to make the issue known. Looking at
the fedora-security audit for F7, it seems that this is already known
but marked as windows specific.
CVE-2007-3845 ignore (firefox) windows specific
If you know this isn't the case, please file a bug report. Include
the CVE number and any references that show this affects packages as
shipped in Fedora.
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
A great many people think they are thinking when they are merely
rearranging their prejudices.
-- William James
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 542 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20071003/e9cd22a1/attachment-0001.bin
More information about the users