From the SeaMonkey 2.53.6 changelog: SeaMonkey 2.53.6 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. SeaMonkey 2.53.6 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. Additional important security fixes up to Current Firefox 78.6 ESR and a few enhancements have been backported. And it links to these pages as references for the vulnerabilities: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/ Firefox 60.8 advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/ Firefox 78.6 advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2020-56/ Thunderbird 60.0 advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2018-19/ A bit messy to track all the vulnerabilities, but of course these all report memory safety bugs that are presumed to be able to remotely execute code.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9475b6f680eb9b45bb63d660d1f2b2695b4c73d8 commit 9475b6f680eb9b45bb63d660d1f2b2695b4c73d8 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-01-27 07:34:51 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-01-27 07:35:00 +0000 www-client/seamonkey: Security cleanup Bug: https://bugs.gentoo.org/767400 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> www-client/seamonkey/Manifest | 4 - www-client/seamonkey/metadata.xml | 1 - www-client/seamonkey/seamonkey-2.53.5.1.ebuild | 541 ------------------------- 3 files changed, 546 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=462fdc938bab022078cbb44068327312689cbb01 commit 462fdc938bab022078cbb44068327312689cbb01 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-01-27 07:33:31 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-01-27 07:35:00 +0000 www-client/seamonkey: Version 2.53.6 stable for amd64 and x86 Bug: https://bugs.gentoo.org/767400 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> www-client/seamonkey/seamonkey-2.53.6.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Unable to check for sanity: > no match for package: www-client/seamonkey-2.53.6
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=c90f240e95679005dbd82c35fe74df524c4217dc commit c90f240e95679005dbd82c35fe74df524c4217dc Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-02-19 05:58:31 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2024-02-19 06:10:22 +0000 [ GLSA 202402-24 ] Seamonkey: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/767400 Bug: https://bugs.gentoo.org/828479 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202402-24.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+)
