Arches, please test and mark stable: =www-client/seamonkey-1.1.18 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" =www-client/seamonkey-bin-1.1.18 Target keywords : "amd64 x86"
x86 stable
ppc64 done
Stable for HPPA.
alpha/arm/ia64/sparc stable
amd64 stable
Marked ppc stable.
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
1.1.18 fixed the vulnerabilities listed at https://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html#seamonkey1.1.18, namely: MFSA 2009-43, CVE-2009-2404 Heap overflow in certificate regexp parsing MFSA 2009-42, CVE-2009-2408 Compromise of SSL-protected communication ...and it looks like 1.1.18 was stable: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/www-client/seamonkey/seamonkey-1.1.18.ebuild?hideattic=0&revision=1.10&view=markup So rating this B2 and adding to the Mozilla GLSA request.
This issue was resolved and addressed in GLSA 201301-01 at http://security.gentoo.org/glsa/glsa-201301-01.xml by GLSA coordinator Sean Amoss (ackle).