openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2022:0150-1
Rating:             important
References:         #1194735 
Cross-References:   CVE-2021-45417
CVSS scores:
                    CVE-2021-45417 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for seamonkey fixes the following issues:

   Update to SeaMonkey 2.53.12

   * Format Toolbar forgets its hidden status when switching to other view
     modes bug 1719020.
   * Remove obsolete plugin code from SeaMonkey bug 1762733.
   * Fix a few strict warnings in SeaMonkey bug 1755553.
   * Remove Run Flash from Site permissions and page info bug 1758289.
   * Use fixIterator and replace use of removeItemAt in FilterListDialog bug
     1756359.
   * Remove RDF usage in tabmail.js bug 1758282.
   * Implement 'Edit Template' and 'New Message From Template' commands and
     UI bug 1759376.
   * [SM] Implement 'Edit Draft' command and hide it when not in a draft
     folder (port Thunderbird bug 1106412) bug 1256716.
   * Messages in Template folder need "Edit Template" button in header (like
     for Drafts) bug 80280.
   * Refactor and simplify the feed Subscribe dialog options updates bug
     1420473.
   * Add system memory and disk size and placeDB page limit to about:support
     bug 1753729.
   * Remove warning about missing plugins in SeaMonkey 2.53 and 2.57 bug
     1755558.
   * SeaMonkey 2.53.12 uses the same backend as Firefox and contains the
     relevant Firefox 60.8 security fixes.
   * SeaMonkey 2.53.12 shares most parts of the mail and news code with
     Thunderbird. Please read the Thunderbird 60.8.0 release notes for
     specific security fixes in this release.
   * Additional important security fixes up to Current Firefox 91.9 and
     Thunderbird 91.9 ESR plus many enhancements have been backported. We
     will continue to enhance SeaMonkey security in subsequent 2.53.x beta
     and release versions as fast as we are able to.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.3:

      zypper in -t patch openSUSE-2022-150=1 openSUSE-SLE-15.3-2022-150=1



Package List:

   - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

      aide-0.16-24.1
      aide-debuginfo-0.16-24.1
      aide-debugsource-0.16-24.1
      aide-test-0.16-24.1

   - openSUSE Leap 15.3 (i586 s390x x86_64):

      seamonkey-2.53.12-lp153.17.8.2
      seamonkey-debuginfo-2.53.12-lp153.17.8.2
      seamonkey-debugsource-2.53.12-lp153.17.8.2
      seamonkey-dom-inspector-2.53.12-lp153.17.8.2
      seamonkey-irc-2.53.12-lp153.17.8.2


References:

   https://www.suse.com/security/cve/CVE-2021-45417.html
   https://bugzilla.suse.com/1194735