|
|
Log in / Subscribe / Register

Mageia alert MGASA-2017-0323 (iceape)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2017-0323: Updated iceape packages fix security vulnerabilities 


Date:
    	      Fri, 1 Sep 2017 23:11:11 +0200


Message-ID:
    	      <20170901211111.2AAF69F872@duvel.mageia.org>


MGASA-2017-0323 - Updated iceape packages fix security vulnerabilities

Publication date: 01 Sep 2017
URL: http://advisories.mageia.org/MGASA-2017-0323.html
Type: security
Affected Mageia releases: 5, 6
CVE: CVE-2016-5287,
     CVE-2016-5288,
     CVE-2016-5289,
     CVE-2016-5290,
     CVE-2016-5292,
     CVE-2016-5297,
     CVE-2016-9064,
     CVE-2016-9066,
     CVE-2016-9067,
     CVE-2016-9068,
     CVE-2016-9075,
     CVE-2016-9077,
     CVE-2016-5291,
     CVE-2016-9063,
     CVE-2016-9070,
     CVE-2016-9071,
     CVE-2016-9073,
     CVE-2016-9076,
     CVE-2016-9078,
     CVE-2016-9080,
     CVE-2016-9893,
     CVE-2016-9894,
     CVE-2016-9895,
     CVE-2016-9896,
     CVE-2016-9897,
     CVE-2016-9898,
     CVE-2016-9899,
     CVE-2016-9900,
     CVE-2016-9901,
     CVE-2016-9902,
     CVE-2016-9903,
     CVE-2016-9904,
     CVE-2017-5373,
     CVE-2017-5374,
     CVE-2017-5375,
     CVE-2017-5376,
     CVE-2017-5377,
     CVE-2017-5378,
     CVE-2017-5379,
     CVE-2017-5380,
     CVE-2017-5381,
     CVE-2017-5382,
     CVE-2017-5383,
     CVE-2017-5384,
     CVE-2017-5385,
     CVE-2017-5386,
     CVE-2017-5387,
     CVE-2017-5388,
     CVE-2017-5389,
     CVE-2017-5390,
     CVE-2017-5391,
     CVE-2017-5393,
     CVE-2017-5396

Description:
Updated Iceape packages include security fixes from upstream Seamonkey:

Multiple flaws were found in the way Iceape 2.46 processes various types
of web content, where loading a web page containing malicious content
could cause Iceape to crash, execute arbitrary code, or disclose
sensitive information. (CVE-2016-5287, CVE-2016-5288, CVE-2016-5289,
CVE-2016-5290, CVE-2016-5292, CVE-2016-5297, CVE-2016-9064,
CVE-2016-9066, CVE-2016-9067, CVE-2016-9068, CVE-2016-9075,
CVE-2016-9077, CVE-2016-5291, CVE-2016-9063, CVE-2016-9070,
CVE-2016-9071, CVE-2016-9073, CVE-2016-9076, CVE-2016-9078,
CVE-2016-9080, CVE-2016-9893, CVE-2016-9894, CVE-2016-9895,
CVE-2016-9896, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899,
CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9903,
CVE-2016-9904, CVE-2017-5373, CVE-2017-5374, CVE-2017-5375,
CVE-2017-5376, CVE-2017-5377, CVE-2017-5378, CVE-2017-5379,
CVE-2017-5380, CVE-2017-5381, CVE-2017-5382, CVE-2017-5383,
CVE-2017-5384, CVE-2017-5385, CVE-2017-5386, CVE-2017-5387,
CVE-2017-5388, CVE-2017-5389, CVE-2017-5390, CVE-2017-5391,
CVE-2017-5393, CVE-2017-5396)

References:
- https://bugs.mageia.org/show_bug.cgi?id=21637
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- https://www.mozilla.org/en-US/security/advisories/mfsa201...
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5287
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5288
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5289
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5292
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9067
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9068
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9075
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9077
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9070
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9071
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9073
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9076
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9078
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9080
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9894
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9896
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9903
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5374
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5377
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5379
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5381
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5382
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5384
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5385
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5387
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5388
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5389
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5391
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5393
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

SRPMS:
- 5/core/iceape-2.48-1.mga5
- 6/core/iceape-2.48-1.mga6
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds