Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 286721

Summary: Stabilise =www-client/seamonkey-1.1.18 and =www-client/seamonkey-bin-1.1.18
Product: Gentoo Security Reporter: Robert Buchholz (RETIRED) <rbu>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Robert Buchholz (RETIRED) gentoo-dev 2009-09-28 02:21:17 UTC
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86"

Target keywords : "amd64 x86"
Comment 1 Christian Faulhammer (RETIRED) gentoo-dev 2009-09-28 14:52:15 UTC
x86 stable
Comment 2 Brent Baude (RETIRED) gentoo-dev 2009-09-28 17:46:18 UTC
ppc64 done
Comment 3 Jeroen Roovers (RETIRED) gentoo-dev 2009-09-29 00:23:20 UTC
Stable for HPPA.
Comment 4 Raúl Porcel (RETIRED) gentoo-dev 2009-09-29 17:19:06 UTC
alpha/arm/ia64/sparc stable
Comment 5 Markus Meier gentoo-dev 2009-09-29 22:23:57 UTC
amd64 stable
Comment 6 Joe Jezak (RETIRED) gentoo-dev 2009-10-03 16:10:29 UTC
Marked ppc stable.
Comment 7 Nirbheek Chauhan (RETIRED) gentoo-dev 2010-09-16 13:36:23 UTC
Nothing for mozilla team to do here, none of the affected versions/packages are in-tree anymore.
Comment 8 Tim Sammut (RETIRED) gentoo-dev 2011-01-02 04:46:52 UTC
1.1.18 fixed the vulnerabilities listed at, namely:

MFSA 2009-43, CVE-2009-2404 Heap overflow in certificate regexp parsing
MFSA 2009-42, CVE-2009-2408 Compromise of SSL-protected communication

...and it looks like 1.1.18 was stable:

So rating this B2 and adding to the Mozilla GLSA request.

Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2013-01-08 01:03:33 UTC
This issue was resolved and addressed in
 GLSA 201301-01 at
by GLSA coordinator Sean Amoss (ackle).