Fedora alert FEDORA-2008-6517 (seamonkey)

From:
    	     
 
updates@fedoraproject.org
To:
    	     
 
fedora-package-announce@redhat.com
Subject:
    	     
 
[SECURITY] Fedora 8 Update: seamonkey-1.1.11-1.fc8
Date:
    	     
 
Fri, 18 Jul 2008 08:06:21 +0000
Message-ID:
    	     
 
<200807180806.m6I86AFk019007@bastion.fedora.phx.redhat.com>
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-6517
2008-07-18 01:38:06
--------------------------------------------------------------------------------

Name        : seamonkey
Product     : Fedora 8
Version     : 1.1.11
Release     : 1.fc8
URL         : http://www.mozilla.org/projects/seamonkey/
Summary     : Web browser, e-mail, news, IRC client, HTML editor
Description :
SeaMonkey is an all-in-one Internet application suite. It includes
a browser, mail/news client, IRC client, JavaScript debugger, and
a tool to inspect the DOM for web pages. It is derived from the
application formerly known as Mozilla Application Suite.

--------------------------------------------------------------------------------
Update Information:

Updated seamonkey packages that fix several security issues are now available
for Fedora 8.    An integer overflow flaw was found in the way Seamonkey
displayed certain web content. A malicious web site could cause Seamonkey to
crash, or execute arbitrary code with the permissions of the user running
Seamonkey. (CVE-2008-2785)    Updated packages update Seamonkey to upstream
version 1.1.11 to address this flaw:  http://www.mozilla.org/security/known-
vulnerabilities/seamonkey11.html#seamonkey1.1.11
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 15 2008 Christopher Aillon <caillon@redhat.com> - 1.1.11-1
- Update to 1.1.11
* Tue Jul  8 2008 Christopher Aillon <caillon@redhat.com> - 1.1.10-1
- Update to 1.1.10
- Use bullet characters to match GTK+
* Thu Apr 17 2008 Kai Engert <kengert@redhat.com> - 1.1.9-2
- add several upstream patches, not yet released:
  425576 (crash), 323508, 378132, 390295, 421622
* Fri Mar 28 2008 Kai Engert <kengert@redhat.com> - 1.1.9-1
- SeaMonkey 1.1.9
* Fri Feb  8 2008 Kai Engert <kengert@redhat.com> - 1.1.8-1
- SeaMonkey 1.1.8
* Sun Dec  2 2007 Kai Engert <kengert@redhat.com> - 1.1.7-1
- SeaMonkey 1.1.7
* Mon Nov  5 2007 Kai Engert <kengert@redhat.com> - 1.1.6-1
- SeaMonkey 1.1.6
* Fri Oct 19 2007 Kai Engert <kengert@redhat.com> - 1.1.5-2
- SeaMonkey 1.1.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #452204 - CVE-2008-2785 mozilla: CSS reference counter overflow (ZDI-CAN-349)
        https://bugzilla.redhat.com/show_bug.cgi?id=452204
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update seamonkey' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...