This bug was fixed in the package seamonkey - 1.1.13+nobinonly-0ubuntu1
--------------- seamonkey (1.1.13+nobinonly-0ubuntu1) jaunty; urgency=low
* New security upstream release: 1.1.13 (LP: #297789) - CVE-2008-4582: Information stealing via local shortcut files - CVE-2008-5012: Image stealing via canvas and HTTP redirect - CVE-2008-5013: Arbitrary code execution via Flash Player dynamic module unloading - CVE-2008-5014: Crash and remote code execution via __proto__ tampering - CVE-2008-5017: Browser engine crash - Firefox 2 and 3 - CVE-2008-5018: JavaScript engine crashes - Firefox 2 and 3 - CVE-2008-5019: XSS and JavaScript privilege escalation via session restore - CVE-2008-0017: Buffer overflow in http-index-format parser - CVE-2008-5021: Crash and remote code execution in nsFrameManager - CVE-2008-5022: nsXMLHttpRequest::NotifyEventListeners() same-origin violation - CVE-2008-5023: -moz-binding property bypasses security checks on codebase principals - CVE-2008-5024: Parsing error in E4X default namespace - CVE-NOTASSIGN (MFSA2008-59): Script access to .documentURI and .textContent in mail
* re-run autoconf2.13 to update configure patch to changed upstream codebase - update debian/patches/99_configure.patch
-- Alexander Sack <email address hidden> Wed, 26 Nov 2008 14:54:21 +0100
This bug was fixed in the package seamonkey - 1.1.13+ nobinonly- 0ubuntu1
--------------- nobinonly- 0ubuntu1) jaunty; urgency=low
seamonkey (1.1.13+
* New security upstream release: 1.1.13 (LP: #297789) t::NotifyEventL isteners( ) same-origin violation
- CVE-2008-4582: Information stealing via local shortcut files
- CVE-2008-5012: Image stealing via canvas and HTTP redirect
- CVE-2008-5013: Arbitrary code execution via Flash Player dynamic module unloading
- CVE-2008-5014: Crash and remote code execution via __proto__ tampering
- CVE-2008-5017: Browser engine crash - Firefox 2 and 3
- CVE-2008-5018: JavaScript engine crashes - Firefox 2 and 3
- CVE-2008-5019: XSS and JavaScript privilege escalation via session restore
- CVE-2008-0017: Buffer overflow in http-index-format parser
- CVE-2008-5021: Crash and remote code execution in nsFrameManager
- CVE-2008-5022: nsXMLHttpReques
- CVE-2008-5023: -moz-binding property bypasses security checks on codebase principals
- CVE-2008-5024: Parsing error in E4X default namespace
- CVE-NOTASSIGN (MFSA2008-59): Script access to .documentURI and .textContent in mail
* re-run autoconf2.13 to update configure patch to changed upstream codebase patches/ 99_configure. patch
- update debian/
-- Alexander Sack <email address hidden> Wed, 26 Nov 2008 14:54:21 +0100