blob: 39a1fc550f6caa1431118814cfcb2851c89cd0d8 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200610-04">
<title>Seamonkey: Multiple vulnerabilities</title>
The Seamonkey project has reported multiple security vulnerabilities in the
<product type="ebuild">seamonkey</product>
<announced>October 16, 2006</announced>
<revised>October 16, 2006: 01</revised>
<package name="www-client/seamonkey" auto="yes" arch="*">
<unaffected range="ge">1.0.5</unaffected>
<vulnerable range="lt">1.0.5</vulnerable>
The SeaMonkey project is a community effort to deliver
production-quality releases of code derived from the application
formerly known as 'Mozilla Application Suite'.
A number of vulnerabilities have been found and fixed in Seamonkey. For
details please consult the references below.
<impact type="normal">
The most severe vulnerability involves enticing a user to visit a
malicious website, crashing the application and executing arbitrary
code with the rights of the user running Seamonkey.
There is no known workaround at this time.
All Seamonkey users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=www-client/seamonkey-1.0.5&quot;</code>
<uri link="">CVE-2006-4253</uri>
<uri link="">CVE-2006-4565</uri>
<uri link="">CVE-2006-4566</uri>
<uri link="">CVE-2006-4568</uri>
<uri link="">CVE-2006-4570</uri>
<uri link="">CVE-2006-4571</uri>
<metadata tag="submitter" timestamp="Wed, 11 Oct 2006 11:17:26 +0000">
<metadata tag="bugReady" timestamp="Fri, 13 Oct 2006 13:40:59 +0000">