Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 158576

Summary: www-client/seamonkey <=1.0.6 security exploits
Product: Gentoo Security Reporter: Jory A. Pratt <geekypenguin>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: mozilla, pacho, polynomial-c
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: A2 [glsa] Falco
Package list:
Runtime testing required: ---

Description Jory A. Pratt 2006-12-19 11:58:18 UTC 
MFSA 2006-75  RSS Feed-preview referrer leak
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

OF course we can not forget the seamonkey.
Comment 1 Pacho Ramos gentoo-dev 2006-12-20 01:13:21 UTC 
Here can be downloaded 1.0.7:
http://releases.mozilla.org/pub/mozilla.org/seamonkey/releases/1.0.7/

Thanks
Comment 2 Jory A. Pratt 2006-12-20 18:16:57 UTC 
(In reply to comment #1)
> Here can be downloaded 1.0.7:
> http://releases.mozilla.org/pub/mozilla.org/seamonkey/releases/1.0.7/
> 
> Thanks
> 
Mozilla herd is always aware of the updates, We are forced to wait until a few of the mirrors seed before we can actually get the source file tho. 1.0.7 has been commited to the tree please add appropriate arch and mark stable :) thank you.
Comment 3 Pacho Ramos gentoo-dev 2006-12-21 01:39:58 UTC 
Ok, thanks a lot
Comment 4 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-12-28 08:09:04 UTC 
sooo late, sorry.

Hi arches, merry christmas, happy new year and all that stuff please test & stabilize seamonkey-1.0.7 you know the deal :)
Comment 5 Jeroen Roovers (RETIRED) gentoo-dev 2006-12-28 13:49:47 UTC 
Stable for HPPA!!!one
Comment 6 Andrej Kacian (RETIRED) gentoo-dev 2006-12-29 05:14:05 UTC 
x86 done
Comment 7 Tobias Scherbaum (RETIRED) gentoo-dev 2006-12-29 07:44:42 UTC 
ppc stable
Comment 8 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-04 09:27:27 UTC 
Helloooo Alpha, AMD64, you're in holidays? :)
Comment 9 Bryan Østergaard (RETIRED) gentoo-dev 2007-01-07 22:33:48 UTC 
Stable on Alpha + IA64.
Comment 10 Michael Cummings (RETIRED) gentoo-dev 2007-01-10 01:29:28 UTC 
i think i liked holidays better - amd64 done
Comment 11 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-12 21:22:24 UTC 
GLSA 200701-04