Date: Fri, 22 Feb 2008 07:42:59 GMT From: Jordan Gordeev <jgordeev@dir.bg> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/120962: www/seamonkey needs updating to address security issues Message-ID: <200802220742.m1M7gx5r081545@www.freebsd.org> Resent-Message-ID: <200802220750.m1M7o1ZU043969@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 120962 >Category: ports >Synopsis: www/seamonkey needs updating to address security issues >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Feb 22 07:50:00 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Jordan Gordeev >Release: FreeBSD 6.3 >Organization: >Environment: >Description: Seamonkey should be updated to version 1.1.8 to address the following security issues: MFSA 2008-10 URL token stealing via stylesheet redirect MFSA 2008-09 Mishandling of locally-saved plain text files MFSA 2008-07 Possible information disclosure in BMP decoder MFSA 2008-06 Web browsing history and forward navigation stealing MFSA 2008-05 Directory traversal via chrome: URI MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution MFSA 2008-02 Multiple file input focus stealing vulnerabilities MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) Three of these are considered to have critical impact, one - high, two - moderate and two - low. >How-To-Repeat: >Fix: Update the port to version 1.1.8. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200802220742.m1M7gx5r081545>