Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Wed, 1 Feb 2012 13:03:20 -0600 Reply-To:This email address is being protected from spambots. You need JavaScript enabled to view it. Sender: Security Erratfor ScientifiLinuxFrom: This email address is being protected from spambots. You need JavaScript enabled to view it. Subject: Security ERRATA Critical: seamonkey on SL4.i386/x86_64 Comments: To:This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Critical: seamonkey security update IssuDate: 2012-02-01 CVE Numbers: CVE-2012-0442 CVE-2011-3670 SeaMonkey is an open sourcweb browser, e-maiand newsgrouclient, IRC chat client, and HTML editor. A flaw was found in thprocessing of malformed web contentA web page containing malicious content could causSeaMonkey tcrash or, potentially, executarbitrary codwith thprivileges of thuser running SeaMonkey(CVE-2012-0442) Thsame-origin policy in SeaMonkey treated and as interchangeableA malicious script could possibly usthis flaw tgain access tsensitivinformation (such as client's IP and user e-maiaddress, or httpOnly cookies) that may bincluded in HTTP proxy error replies, generated in responstinvalid URLs using squarbrackets(CVE-2011-3670) AlSeaMonkey users should upgradtthesupdated packages, which correct thesissuesAfter installing thupdate, SeaMonkey must brestarted for thchanges ttakeffect. SL4: i386 seamonkey-1.0.9-78.el4.i386.rpm seamonkey-chat-1.0.9-78.el4.i386.rpm seamonkey-debuginfo-1.0.9-78.el4.i386.rpm seamonkey-devel-1.0.9-78.el4.i386.rpm seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm seamonkey-js-debugger-1.0.9-78.el4.i386.rpm seamonkey-mail-1.0.9-78.el4.i386.rpm x86_64 seamonkey-1.0.9-78.el4.x86_64.rpm seamonkey-chat-1.0.9-78.el4.x86_64.rpm seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm seamonkey-devel-1.0.9-78.el4.x86_64.rpm seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm seamonkey-mail-1.0.9-78.el4.x86_64.rpm - ScientifiLinuDevelopment Team