Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 501
Alerts This Week
Warning Icon 1 501

openSUSE 11.4: 2013:1176-1 Important: SeaMonkey 2.19 Security Update

opensuse
Calendar Grey July 11, 2013
Dist Opensuse Esm H88
Upgrade to SeaMonkey 2.19 on openSUSE to tackle serious security vulnerabilities and bolster overall system reliability.
An update that fixes 15 vulnerabilities is now available

Description

Seamonkey was updated to version 2.19

* MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous

memory safety hazards

* MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686

Memory corruption found using Address Sanitizer

* MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)

Privileged content access and execution via XBL

* MFSA 2013-52/CVE-2013-1688 (bmo#873966) Arbitrary code

execution within Profiler

* MFSA 2013-53/CVE-2013-1690 (bmo#857883) Execution of

unmapped memory through onreadystatechange event

* MFSA 2013-54/CVE-2013-1692 (bmo#866915) Data in the

body of XHR HEAD requests leads to CSRF attacks

* MFSA 2013-55/CVE-2013-1693 (bmo#711043) SVG filters can

lead to information disclosure

* MFSA 2013-56/CVE-2013-1694 (bmo#848535) PreserveWrapper

has inconsistent behavior

* MFSA 2013-57/CVE-2013-1695 (bmo#849791) Sandbox

restrictions not applied to nested frame elements

* MFSA 2013-58/CVE-2013-1696 (bmo#761667)...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch 2013-105

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64):

seamonkey-2.19-69.1

seamonkey-debuginfo-2.19-69.1

seamonkey-debugsource-2.19-69.1

seamonkey-dom-inspector-2.19-69.1

seamonkey-irc-2.19-69.1

seamonkey-translations-common-2.19-69.1

seamonkey-translations-other-2.19-69.1

seamonkey-venkman-2.19-69.1

References

https://www.suse.com/security/cve/CVE-2013-1682.html

https://www.suse.com/security/cve/CVE-2013-1683.html

https://www.suse.com/security/cve/CVE-2013-1684.html

https://www.suse.com/security/cve/CVE-2013-1685.html

https://www.suse.com/security/cve/CVE-2013-1686.html

https://www.suse.com/security/cve/CVE-2013-1687.html

https://www.suse.com/security/cve/CVE-2013-1688.html

https://www.suse.com/security/cve/CVE-2013-1690.html

https://www.suse.com/security/cve/CVE-2013-1692.html

https://www.suse.com/security/cve/CVE-2013-1693.html

https://www.suse.com/security/cve/CVE-2013-1694.html

https://www.suse.com/security/cve/CVE-2013-1695.html

https://www.suse.com/security/cve/CVE-2013-1696.html

https://www.suse.com/security/cve/CVE-2013-1697.html

https://www.suse.com/security/cve/CVE-2013-1698.html

https://login.microfocus.com/nidp/app/login?sid=0

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2013:1176-1
Rating: important
Affected Products: openSUSE 11.4 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.