openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1588-1
Rating:             important
References:         
Affected Products:
                    openSUSE Backports SLE-15-SP3
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:

   This update for seamonkey fixes the following issues:

   update to SeaMonkey 2.53.10.1

     * Security fix for NSS code bug 1737470.
     * Only use networks and servers in lower case in ChatZilla bug 1742502.
     * Change classic form icon in SeaMonkey composer bug 1710915.
     * Addition fixes for SeaMonkey 32x32 default icons on Windows and macOS
       bug 1729153.
     * SeaMonkey 2.53.10.1 uses the same backend as Firefox and contains the
       relevant Firefox 60.8 security fixes.
     * SeaMonkey 2.53.10.1 shares most parts of the mail and news code with
       Thunderbird. Please read the Thunderbird 60.0 release notes for
       specific changes and security fixes in this release.
     * Additional important security fixes up to Current Firefox 91.4 ESR and
       a few enhancements have been backported. We will continue to enhance
       SeaMonkey security in subsequent 2.53.x beta and release versions as
       fast as we are able to.

   update to SeaMonkey 2.53.10

     * Minor fixes for testdisplay command in ChatZilla bug 1727976.
     * Show CTCP requests (excluding ACTION and DCC) bug 1722156.
     * IRCv3: Add support for server-time bug 1724586.
     * Add localization note for network editor dialog width in ChatZilla bug
       1727977.
     * IRCv3: Add support for extended-join and account-notify bug 1722159.
     * Add ability to collapse message groups in ChatZilla bug 1724588.
     * Fix JS strict warnings in unescapeTagValue in ChatZilla bug 1727989.
     * IRCv3: Add support for invite-notify bug 1722161.
     * IRCv3: Add support for batch bug 1724589.
     * Fix JS strict warning in addHistory in cZ static.js bug 1727992.
     * IRCv3: Add support for cap-notify bug 1722162.
     * Stop using canonical name as collection keys in ChatZilla bug 1728025.
     * IRCv3: Add support for TLS and STS bug 1722166.
     * Helper function for renaming irc server properties in ChatZilla bug
       1728027.
     * IRCv3: Add support for MONITOR bug 1722174.
     * Remove use of msg.commasp in ChatZilla bug 1726965.
     * Allow shiftKey to modify behaviour of link clicking in cZ bug 1713458.
     * IRCv3: Add support for echo-message bug 1722211.
     * In ChatZilla make /commands return all matches starting with pattern
       bug 1726966.
     * Use SeaMonkey prefs to determine how links behave in cZ bug 1713467.
     * Allow parameters to be localised in ChatZilla bug 1724105.
     * Add identify command to cZ and hook into password management bug
       1713470.
     * IRCv3.1: Implement SASL with PLAIN mechanism bug 1717545.
     * IRCv3: Add support for message tags bug 1724584.
     * Add last read message divider to ChatZilla bug 1729159.
     * IRCv3: Add support for account-tag bug 1724585.
     * Missing option "text encoding Unicode/UTF-8" in preferences - Mailnews
       bug 1679260.
     * Detect Crashreporter using AppConstants in SeaMonkey bug 1735236.
     * Link about LEGACY extensions in Add-ons Manager is broken bug 1656797.
     * Update help for clear private data preferences and dialog bug 1728911.
     * Fix typo in cs_nav_prefs_appearance bug 1737473.
     * Drop leftover "Edit Menu" comment from messageWindow.xul and
       addressbook.xul bug 1725121.
     * Add dummy tab routines to SeaMonkey mailnews tab browser bug 1735243.
     * Folder pane and tab/window title not updated correctly when
       opening in new tab bug 1726940.
     * Allow mail tab bar to be controlled separately to browser tab bar bug
       1724515.
     * Copy any user set values for new mail.tabs prefs bug 1729165.
     * Merge Master Passwords and Passwords pref panes into a single pref
       pane bug 1728099.
     * Move warning about redirection pref from Content to Privacy & Security
       pane bug 1728185.
     * Move website icons prefs from content pref pane to browser pref pane
       bug 1727425.
     * Move browser / mailnews system integration prefs into advanced pane
       bug 1727659.
     * Have separate opentabfor.middleclick for mailnews bug 1727948.
     * Add removeBrowser helper for tabbrowser bug 1730391.
     * Put  in a  so it's easy to overlay bug 1730392.
     * Allow browser focus to be avoided bug 1720003.
     * SeaMonkey 32x32 default icon has light stripe at the bottom bug
       1729153.
     * Support  and  in SeaMonkey bug
       1730408.
     * Middleclick on browser tab handled twice (closes tab and loads URL
       from primary or clipboard) bug 1734407.
     * Unable to create a new "Saved Search Folder" using "Save View as a
       Folder..." bug 1738669.
     * Enable compression for standard http connections bug 1728996.
     * Support VS2022 for compiling under Windows bug 1728988.
     * SeaMonkey 2.53.10 uses the same backend as Firefox and contains the
       relevant Firefox 60.8 security fixes.
     * SeaMonkey 2.53.10 shares most parts of the mail and news code with
       Thunderbird. Please read the Thunderbird 60.0 release notes for
       specific changes and security fixes in this release.
     * Additional important security fixes up to Current Firefox 78.15 ESR
       and a few enhancements have been backported. We will continue to
       enhance SeaMonkey security in subsequent 2.53.x beta and release
       versions as fast as we are able to.

   update to SeaMonkey 2.53.9.1

     * Fix the lazy loading of images from some websites bug 1727967.
     * Move certain font family defaults from serif to sans serif bug 1727982.
     * SeaMonkey 2.53.9.1 uses the same backend as Firefox and contains the
       relevant Firefox 60.8 security fixes.
     * SeaMonkey 2.53.9.1 shares most parts of the mail and news code with
       Thunderbird. Please read the Thunderbird 60.0 release notes for
       specific changes and security fixes in this release.
     * Additional important security fixes up to Current Firefox 78.14 ESR
       and a few enhancements have been backported. We will continue to
       enhance SeaMonkey security in subsequent 2.53.x beta and release
       versions as fast as we are able to.

   update to SeaMonkey 2.53.9

     * There is now an option to clear browser history during shutdown bug
       1621445.
     * Uninstall plugin command for ChatZilla bug 541719.
     * Update icons used in ChatZilla status bar bug 1710238 and bug 1710249.
     * Make ChatZilla understand mIRC color code 99 bug 1710298.
     * Implement IRCv3 basic CAP negotiation bug 1717539 and CAP LIST and
       update CAP ACK and CAP LS bug 1710313.
     * Use Unicode instead of images for emojis in ChatZilla bug 1711375 and
       add some extra emojis bug 1711376.
     * Use SeaMonkey's configured web search rather than a separate one in
       ChatZilla bug 1712498.
     * Add a networks editor to ChatZilla bug 1716232.
     * Implement IRCv3 away-notify bug 1717543, chghost and userhost-in-names
       bug 1717544, self-messaging bug 1722212 and WHOX bug 1722214.
     * Link to SeaMonkey website in debugQA for verification sites and
       development section bug 1685606.
     * Send button should be disable until we have a recipient bug 104973.
     * Remove need to use a modifier for marking messages as unread bug
       1719216.
     * SeaMonkey 2.53.9 uses the same backend as Firefox and contains the
       relevant Firefox 60.8 security fixes.
     * SeaMonkey 2.53.9 shares most parts of the mail and news code with
       Thunderbird. Please read the Thunderbird 60.0 release notes for
       specific changes and security fixes in this release.
     * Additional important security fixes up to Current Firefox 78.13 ESR
       and a few enhancements have been backported. We will continue to
       enhance SeaMonkey security in subsequent 2.53.x beta and release
       versions as fast as we are able to.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Backports SLE-15-SP3:

      zypper in -t patch openSUSE-2021-1588=1



Package List:

   - openSUSE Backports SLE-15-SP3 (aarch64 i586 x86_64):

      seamonkey-2.53.10.1-bp153.10.1
      seamonkey-dom-inspector-2.53.10.1-bp153.10.1
      seamonkey-irc-2.53.10.1-bp153.10.1


References: