FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Enterprise Watch List

 
 
LinkBack Thread Tools
 
Old 12-09-2010, 11:08 PM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2010:0967-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2010-0967.html
Issue date: 2010-12-09
CVE Names: CVE-2010-3767 CVE-2010-3772 CVE-2010-3775
CVE-2010-3776
================================================== ===================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2010-3767, CVE-2010-3772, CVE-2010-3776)

A flaw was found in the way SeaMonkey loaded Java LiveConnect scripts.
Malicious web content could load a Java LiveConnect script in a way that
would result in the plug-in object having elevated privileges, allowing it
to execute Java code with the privileges of the user running SeaMonkey.
(CVE-2010-3775)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

660408 - CVE-2010-3776 Mozilla miscellaneous memory safety hazards (MFSA 2010-74)
660419 - CVE-2010-3772 Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77)
660422 - CVE-2010-3775 Mozilla Java security bypass from LiveConnect loaded via data: URL meta refresh (MFSA 2010-79)
660431 - CVE-2010-3767 Mozilla integer overflow vulnerability in NewIdArray (MFSA 2010-81)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-66.el4_8.src.rpm

i386:
seamonkey-1.0.9-66.el4_8.i386.rpm
seamonkey-chat-1.0.9-66.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.i386.rpm
seamonkey-devel-1.0.9-66.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.i386.rpm
seamonkey-mail-1.0.9-66.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-66.el4_8.ia64.rpm
seamonkey-chat-1.0.9-66.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.ia64.rpm
seamonkey-devel-1.0.9-66.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.ia64.rpm
seamonkey-mail-1.0.9-66.el4_8.ia64.rpm

ppc:
seamonkey-1.0.9-66.el4_8.ppc.rpm
seamonkey-chat-1.0.9-66.el4_8.ppc.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.ppc.rpm
seamonkey-devel-1.0.9-66.el4_8.ppc.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.ppc.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.ppc.rpm
seamonkey-mail-1.0.9-66.el4_8.ppc.rpm

s390:
seamonkey-1.0.9-66.el4_8.s390.rpm
seamonkey-chat-1.0.9-66.el4_8.s390.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.s390.rpm
seamonkey-devel-1.0.9-66.el4_8.s390.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.s390.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.s390.rpm
seamonkey-mail-1.0.9-66.el4_8.s390.rpm

s390x:
seamonkey-1.0.9-66.el4_8.s390x.rpm
seamonkey-chat-1.0.9-66.el4_8.s390x.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.s390x.rpm
seamonkey-devel-1.0.9-66.el4_8.s390x.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.s390x.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.s390x.rpm
seamonkey-mail-1.0.9-66.el4_8.s390x.rpm

x86_64:
seamonkey-1.0.9-66.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-66.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-66.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-66.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-66.el4_8.src.rpm

i386:
seamonkey-1.0.9-66.el4_8.i386.rpm
seamonkey-chat-1.0.9-66.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.i386.rpm
seamonkey-devel-1.0.9-66.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.i386.rpm
seamonkey-mail-1.0.9-66.el4_8.i386.rpm

x86_64:
seamonkey-1.0.9-66.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-66.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-66.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-66.el4_8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-66.el4_8.src.rpm

i386:
seamonkey-1.0.9-66.el4_8.i386.rpm
seamonkey-chat-1.0.9-66.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.i386.rpm
seamonkey-devel-1.0.9-66.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.i386.rpm
seamonkey-mail-1.0.9-66.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-66.el4_8.ia64.rpm
seamonkey-chat-1.0.9-66.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.ia64.rpm
seamonkey-devel-1.0.9-66.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.ia64.rpm
seamonkey-mail-1.0.9-66.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-66.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-66.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-66.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-66.el4_8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-66.el4_8.src.rpm

i386:
seamonkey-1.0.9-66.el4_8.i386.rpm
seamonkey-chat-1.0.9-66.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.i386.rpm
seamonkey-devel-1.0.9-66.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.i386.rpm
seamonkey-mail-1.0.9-66.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-66.el4_8.ia64.rpm
seamonkey-chat-1.0.9-66.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.ia64.rpm
seamonkey-devel-1.0.9-66.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.ia64.rpm
seamonkey-mail-1.0.9-66.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-66.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-66.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-66.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-66.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-66.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-66.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-66.el4_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2010-3767.html
https://www.redhat.com/security/data/cve/CVE-2010-3772.html
https://www.redhat.com/security/data/cve/CVE-2010-3775.html
https://www.redhat.com/security/data/cve/CVE-2010-3776.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2010 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNAW9bXlSAg2UNWIIRAvPmAJ9yZiQxQ+n8p3wBa/CBjiLbDw9fSwCfcUXS
CXwq2gG6YJ8KVulRjJH6nnU=
=XCbs
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 03-02-2011, 12:37 AM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2011:0313-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0313.html
Issue date: 2011-03-01
CVE Names: CVE-2011-0051 CVE-2011-0053 CVE-2011-0059
================================================== ===================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

A flaw was found in the way SeaMonkey handled dialog boxes. An attacker
could use this flaw to create a malicious web page that would present a
blank dialog box that has non-functioning buttons. If a user closes the
dialog box window, it could unexpectedly grant the malicious web page
elevated privileges. (CVE-2011-0051)

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2011-0053)

A flaw was found in the way SeaMonkey handled plug-ins that perform HTTP
requests. If a plug-in performed an HTTP request, and the server sent a 307
redirect response, the plug-in was not notified, and the HTTP request was
forwarded. The forwarded request could contain custom headers, which could
result in a Cross Site Request Forgery attack. (CVE-2011-0059)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

675082 - CVE-2011-0053 Mozilla miscellaneous memory safety hazards (MFSA 2011-01)
675087 - CVE-2011-0051 Mozilla recursive eval call causes confirm dialog to evaluate to true (MFSA 2011-02)
681369 - CVE-2011-0059 Mozilla CSRF risk with plugins and 307 redirects (MFSA 2011-10)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-67.el4_8.src.rpm

i386:
seamonkey-1.0.9-67.el4_8.i386.rpm
seamonkey-chat-1.0.9-67.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.i386.rpm
seamonkey-devel-1.0.9-67.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.i386.rpm
seamonkey-mail-1.0.9-67.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-67.el4_8.ia64.rpm
seamonkey-chat-1.0.9-67.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.ia64.rpm
seamonkey-devel-1.0.9-67.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.ia64.rpm
seamonkey-mail-1.0.9-67.el4_8.ia64.rpm

ppc:
seamonkey-1.0.9-67.el4_8.ppc.rpm
seamonkey-chat-1.0.9-67.el4_8.ppc.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.ppc.rpm
seamonkey-devel-1.0.9-67.el4_8.ppc.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.ppc.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.ppc.rpm
seamonkey-mail-1.0.9-67.el4_8.ppc.rpm

s390:
seamonkey-1.0.9-67.el4_8.s390.rpm
seamonkey-chat-1.0.9-67.el4_8.s390.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.s390.rpm
seamonkey-devel-1.0.9-67.el4_8.s390.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.s390.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.s390.rpm
seamonkey-mail-1.0.9-67.el4_8.s390.rpm

s390x:
seamonkey-1.0.9-67.el4_8.s390x.rpm
seamonkey-chat-1.0.9-67.el4_8.s390x.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.s390x.rpm
seamonkey-devel-1.0.9-67.el4_8.s390x.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.s390x.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.s390x.rpm
seamonkey-mail-1.0.9-67.el4_8.s390x.rpm

x86_64:
seamonkey-1.0.9-67.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-67.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-67.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-67.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-67.el4_8.src.rpm

i386:
seamonkey-1.0.9-67.el4_8.i386.rpm
seamonkey-chat-1.0.9-67.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.i386.rpm
seamonkey-devel-1.0.9-67.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.i386.rpm
seamonkey-mail-1.0.9-67.el4_8.i386.rpm

x86_64:
seamonkey-1.0.9-67.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-67.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-67.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-67.el4_8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-67.el4_8.src.rpm

i386:
seamonkey-1.0.9-67.el4_8.i386.rpm
seamonkey-chat-1.0.9-67.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.i386.rpm
seamonkey-devel-1.0.9-67.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.i386.rpm
seamonkey-mail-1.0.9-67.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-67.el4_8.ia64.rpm
seamonkey-chat-1.0.9-67.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.ia64.rpm
seamonkey-devel-1.0.9-67.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.ia64.rpm
seamonkey-mail-1.0.9-67.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-67.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-67.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-67.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-67.el4_8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-67.el4_8.src.rpm

i386:
seamonkey-1.0.9-67.el4_8.i386.rpm
seamonkey-chat-1.0.9-67.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.i386.rpm
seamonkey-devel-1.0.9-67.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.i386.rpm
seamonkey-mail-1.0.9-67.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-67.el4_8.ia64.rpm
seamonkey-chat-1.0.9-67.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.ia64.rpm
seamonkey-devel-1.0.9-67.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.ia64.rpm
seamonkey-mail-1.0.9-67.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-67.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-67.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-67.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-67.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-67.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-67.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-67.el4_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0051.html
https://www.redhat.com/security/data/cve/CVE-2011-0053.html
https://www.redhat.com/security/data/cve/CVE-2011-0059.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNbZ9dXlSAg2UNWIIRAkI0AJwL3t4328J6ZnXFVPPkpR YnOoxSrACfdf2p
pcAvnhIGk9lSWUcZmNUDH4M=
=oFBz
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 04-29-2011, 03:23 AM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2011:0473-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0473.html
Issue date: 2011-04-28
CVE Names: CVE-2011-0072 CVE-2011-0073 CVE-2011-0074
CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
CVE-2011-0080
================================================== ===================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could possibly lead to arbitrary code
execution with the privileges of the user running SeaMonkey.
(CVE-2011-0080)

An arbitrary memory write flaw was found in the way SeaMonkey handled
out-of-memory conditions. If all memory was consumed when a user visited a
malicious web page, it could possibly lead to arbitrary code execution
with the privileges of the user running SeaMonkey. (CVE-2011-0078)

An integer overflow flaw was found in the way SeaMonkey handled the HTML
frameset tag. A web page with a frameset tag containing large values for
the "rows" and "cols" attributes could trigger this flaw, possibly leading
to arbitrary code execution with the privileges of the user running
SeaMonkey. (CVE-2011-0077)

A flaw was found in the way SeaMonkey handled the HTML iframe tag. A web
page with an iframe tag containing a specially-crafted source address could
trigger this flaw, possibly leading to arbitrary code execution with the
privileges of the user running SeaMonkey. (CVE-2011-0075)

A flaw was found in the way SeaMonkey displayed multiple marquee elements.
A malformed HTML document could cause SeaMonkey to execute arbitrary code
with the privileges of the user running SeaMonkey. (CVE-2011-0074)

A flaw was found in the way SeaMonkey handled the nsTreeSelection element.
Malformed content could cause SeaMonkey to execute arbitrary code with the
privileges of the user running SeaMonkey. (CVE-2011-0073)

A use-after-free flaw was found in the way SeaMonkey appended frame and
iframe elements to a DOM tree when the NoScript add-on was enabled.
Malicious HTML content could cause SeaMonkey to execute arbitrary code with
the privileges of the user running SeaMonkey. (CVE-2011-0072)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

700603 - CVE-2011-0078 Mozilla OOM condition arbitrary memory write (MFSA 2011-12)
700613 - CVE-2011-0077 Mozilla integer overflow in frameset spec (MFSA 2011-12)
700615 - CVE-2011-0075 Mozilla crash from bad iframe source (MFSA 2011-12)
700617 - CVE-2011-0074 Mozilla crash from several marquee elements (MFSA 2011-12)
700619 - CVE-2011-0073 Mozilla dangling pointer flaw (MFSA 2011-13)
700622 - CVE-2011-0072 Mozilla use after free flaw (MFSA 2011-12)
700677 - CVE-2011-0080 Mozilla memory safety issue (MFSA 2011-12)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-70.el4_8.src.rpm

i386:
seamonkey-1.0.9-70.el4_8.i386.rpm
seamonkey-chat-1.0.9-70.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.i386.rpm
seamonkey-devel-1.0.9-70.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.i386.rpm
seamonkey-mail-1.0.9-70.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-70.el4_8.ia64.rpm
seamonkey-chat-1.0.9-70.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.ia64.rpm
seamonkey-devel-1.0.9-70.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.ia64.rpm
seamonkey-mail-1.0.9-70.el4_8.ia64.rpm

ppc:
seamonkey-1.0.9-70.el4_8.ppc.rpm
seamonkey-chat-1.0.9-70.el4_8.ppc.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.ppc.rpm
seamonkey-devel-1.0.9-70.el4_8.ppc.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.ppc.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.ppc.rpm
seamonkey-mail-1.0.9-70.el4_8.ppc.rpm

s390:
seamonkey-1.0.9-70.el4_8.s390.rpm
seamonkey-chat-1.0.9-70.el4_8.s390.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.s390.rpm
seamonkey-devel-1.0.9-70.el4_8.s390.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.s390.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.s390.rpm
seamonkey-mail-1.0.9-70.el4_8.s390.rpm

s390x:
seamonkey-1.0.9-70.el4_8.s390x.rpm
seamonkey-chat-1.0.9-70.el4_8.s390x.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.s390x.rpm
seamonkey-devel-1.0.9-70.el4_8.s390x.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.s390x.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.s390x.rpm
seamonkey-mail-1.0.9-70.el4_8.s390x.rpm

x86_64:
seamonkey-1.0.9-70.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-70.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-70.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-70.el4_8.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-70.el4_8.src.rpm

i386:
seamonkey-1.0.9-70.el4_8.i386.rpm
seamonkey-chat-1.0.9-70.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.i386.rpm
seamonkey-devel-1.0.9-70.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.i386.rpm
seamonkey-mail-1.0.9-70.el4_8.i386.rpm

x86_64:
seamonkey-1.0.9-70.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-70.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-70.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-70.el4_8.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-70.el4_8.src.rpm

i386:
seamonkey-1.0.9-70.el4_8.i386.rpm
seamonkey-chat-1.0.9-70.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.i386.rpm
seamonkey-devel-1.0.9-70.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.i386.rpm
seamonkey-mail-1.0.9-70.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-70.el4_8.ia64.rpm
seamonkey-chat-1.0.9-70.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.ia64.rpm
seamonkey-devel-1.0.9-70.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.ia64.rpm
seamonkey-mail-1.0.9-70.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-70.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-70.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-70.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-70.el4_8.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-70.el4_8.src.rpm

i386:
seamonkey-1.0.9-70.el4_8.i386.rpm
seamonkey-chat-1.0.9-70.el4_8.i386.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.i386.rpm
seamonkey-devel-1.0.9-70.el4_8.i386.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.i386.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.i386.rpm
seamonkey-mail-1.0.9-70.el4_8.i386.rpm

ia64:
seamonkey-1.0.9-70.el4_8.ia64.rpm
seamonkey-chat-1.0.9-70.el4_8.ia64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.ia64.rpm
seamonkey-devel-1.0.9-70.el4_8.ia64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.ia64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.ia64.rpm
seamonkey-mail-1.0.9-70.el4_8.ia64.rpm

x86_64:
seamonkey-1.0.9-70.el4_8.x86_64.rpm
seamonkey-chat-1.0.9-70.el4_8.x86_64.rpm
seamonkey-debuginfo-1.0.9-70.el4_8.x86_64.rpm
seamonkey-devel-1.0.9-70.el4_8.x86_64.rpm
seamonkey-dom-inspector-1.0.9-70.el4_8.x86_64.rpm
seamonkey-js-debugger-1.0.9-70.el4_8.x86_64.rpm
seamonkey-mail-1.0.9-70.el4_8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0072.html
https://www.redhat.com/security/data/cve/CVE-2011-0073.html
https://www.redhat.com/security/data/cve/CVE-2011-0074.html
https://www.redhat.com/security/data/cve/CVE-2011-0075.html
https://www.redhat.com/security/data/cve/CVE-2011-0077.html
https://www.redhat.com/security/data/cve/CVE-2011-0078.html
https://www.redhat.com/security/data/cve/CVE-2011-0080.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is &lt;secalert@redhat.com&gt;. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFNui8NXlSAg2UNWIIRAhCJAJ90ez34ELrReixxuLiZrt/VPLSZNgCeJlJN
/WBj3jl3k7wkHen8AJh2b0I=
=O0mV
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 06-21-2011, 11:26 PM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2011:0888-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0888.html
Issue date: 2011-06-21
CVE Names: CVE-2011-0083 CVE-2011-0085 CVE-2011-2362
CVE-2011-2363 CVE-2011-2364 CVE-2011-2365
CVE-2011-2371 CVE-2011-2373 CVE-2011-2374
CVE-2011-2375 CVE-2011-2376 CVE-2011-2377
================================================== ===================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

A flaw was found in the way SeaMonkey handled malformed JPEG images. A
website containing a malicious JPEG image could cause SeaMonkey to crash
or, potentially, execute arbitrary code with the privileges of the user
running SeaMonkey. (CVE-2011-2377)

Multiple dangling pointer flaws were found in SeaMonkey. A web page
containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363)

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375,
CVE-2011-2376)

An integer overflow flaw was found in the way SeaMonkey handled JavaScript
Array objects. A website containing malicious JavaScript could cause
SeaMonkey to execute that JavaScript with the privileges of the user
running SeaMonkey. (CVE-2011-2371)

A use-after-free flaw was found in the way SeaMonkey handled malformed
JavaScript. A website containing malicious JavaScript could cause SeaMonkey
to execute that JavaScript with the privileges of the user running
SeaMonkey. (CVE-2011-2373)

It was found that SeaMonkey could treat two separate cookies as
interchangeable if both were for the same domain name but one of those
domain names had a trailing "." character. This violates the same-origin
policy and could possibly lead to data being leaked to the wrong domain.
(CVE-2011-2362)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

714576 - CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376 Mozilla Miscellaneous memory safety hazards (MFSA 2011-19)
714577 - CVE-2011-2373 Mozilla Use-after-free vulnerability when viewing XUL document with script disabled (MFSA 2011-20)
714580 - CVE-2011-2371 Mozilla Integer overflow and arbitrary code execution (MFSA 2011-22)
714581 - CVE-2011-0083 CVE-2011-0085 CVE-2011-2363 Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
714583 - CVE-2011-2362 Mozilla Cookie isolation error (MFSA 2011-24)
714929 - CVE-2011-2377 Mozilla Crash caused by corrupted JPEG image (MFSA 2011-21)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-71.el4.src.rpm

i386:
seamonkey-1.0.9-71.el4.i386.rpm
seamonkey-chat-1.0.9-71.el4.i386.rpm
seamonkey-debuginfo-1.0.9-71.el4.i386.rpm
seamonkey-devel-1.0.9-71.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-71.el4.i386.rpm
seamonkey-js-debugger-1.0.9-71.el4.i386.rpm
seamonkey-mail-1.0.9-71.el4.i386.rpm

ia64:
seamonkey-1.0.9-71.el4.ia64.rpm
seamonkey-chat-1.0.9-71.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-71.el4.ia64.rpm
seamonkey-devel-1.0.9-71.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-71.el4.ia64.rpm
seamonkey-mail-1.0.9-71.el4.ia64.rpm

ppc:
seamonkey-1.0.9-71.el4.ppc.rpm
seamonkey-chat-1.0.9-71.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-71.el4.ppc.rpm
seamonkey-devel-1.0.9-71.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-71.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-71.el4.ppc.rpm
seamonkey-mail-1.0.9-71.el4.ppc.rpm

s390:
seamonkey-1.0.9-71.el4.s390.rpm
seamonkey-chat-1.0.9-71.el4.s390.rpm
seamonkey-debuginfo-1.0.9-71.el4.s390.rpm
seamonkey-devel-1.0.9-71.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-71.el4.s390.rpm
seamonkey-js-debugger-1.0.9-71.el4.s390.rpm
seamonkey-mail-1.0.9-71.el4.s390.rpm

s390x:
seamonkey-1.0.9-71.el4.s390x.rpm
seamonkey-chat-1.0.9-71.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-71.el4.s390x.rpm
seamonkey-devel-1.0.9-71.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-71.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-71.el4.s390x.rpm
seamonkey-mail-1.0.9-71.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-71.el4.x86_64.rpm
seamonkey-chat-1.0.9-71.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-71.el4.x86_64.rpm
seamonkey-devel-1.0.9-71.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-71.el4.x86_64.rpm
seamonkey-mail-1.0.9-71.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-71.el4.src.rpm

i386:
seamonkey-1.0.9-71.el4.i386.rpm
seamonkey-chat-1.0.9-71.el4.i386.rpm
seamonkey-debuginfo-1.0.9-71.el4.i386.rpm
seamonkey-devel-1.0.9-71.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-71.el4.i386.rpm
seamonkey-js-debugger-1.0.9-71.el4.i386.rpm
seamonkey-mail-1.0.9-71.el4.i386.rpm

x86_64:
seamonkey-1.0.9-71.el4.x86_64.rpm
seamonkey-chat-1.0.9-71.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-71.el4.x86_64.rpm
seamonkey-devel-1.0.9-71.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-71.el4.x86_64.rpm
seamonkey-mail-1.0.9-71.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-71.el4.src.rpm

i386:
seamonkey-1.0.9-71.el4.i386.rpm
seamonkey-chat-1.0.9-71.el4.i386.rpm
seamonkey-debuginfo-1.0.9-71.el4.i386.rpm
seamonkey-devel-1.0.9-71.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-71.el4.i386.rpm
seamonkey-js-debugger-1.0.9-71.el4.i386.rpm
seamonkey-mail-1.0.9-71.el4.i386.rpm

ia64:
seamonkey-1.0.9-71.el4.ia64.rpm
seamonkey-chat-1.0.9-71.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-71.el4.ia64.rpm
seamonkey-devel-1.0.9-71.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-71.el4.ia64.rpm
seamonkey-mail-1.0.9-71.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-71.el4.x86_64.rpm
seamonkey-chat-1.0.9-71.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-71.el4.x86_64.rpm
seamonkey-devel-1.0.9-71.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-71.el4.x86_64.rpm
seamonkey-mail-1.0.9-71.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-71.el4.src.rpm

i386:
seamonkey-1.0.9-71.el4.i386.rpm
seamonkey-chat-1.0.9-71.el4.i386.rpm
seamonkey-debuginfo-1.0.9-71.el4.i386.rpm
seamonkey-devel-1.0.9-71.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-71.el4.i386.rpm
seamonkey-js-debugger-1.0.9-71.el4.i386.rpm
seamonkey-mail-1.0.9-71.el4.i386.rpm

ia64:
seamonkey-1.0.9-71.el4.ia64.rpm
seamonkey-chat-1.0.9-71.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-71.el4.ia64.rpm
seamonkey-devel-1.0.9-71.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-71.el4.ia64.rpm
seamonkey-mail-1.0.9-71.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-71.el4.x86_64.rpm
seamonkey-chat-1.0.9-71.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-71.el4.x86_64.rpm
seamonkey-devel-1.0.9-71.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-71.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-71.el4.x86_64.rpm
seamonkey-mail-1.0.9-71.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0083.html
https://www.redhat.com/security/data/cve/CVE-2011-0085.html
https://www.redhat.com/security/data/cve/CVE-2011-2362.html
https://www.redhat.com/security/data/cve/CVE-2011-2363.html
https://www.redhat.com/security/data/cve/CVE-2011-2364.html
https://www.redhat.com/security/data/cve/CVE-2011-2365.html
https://www.redhat.com/security/data/cve/CVE-2011-2371.html
https://www.redhat.com/security/data/cve/CVE-2011-2373.html
https://www.redhat.com/security/data/cve/CVE-2011-2374.html
https://www.redhat.com/security/data/cve/CVE-2011-2375.html
https://www.redhat.com/security/data/cve/CVE-2011-2376.html
https://www.redhat.com/security/data/cve/CVE-2011-2377.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOASioXlSAg2UNWIIRAp8rAJ0S1ZInjYMZ6LJVMWEcQH k3CmUM6QCeIjKb
u3vKwXCTw3dsB9u/QlfgOco=
=j+1p
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 08-16-2011, 06:55 PM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2011:1167-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1167.html
Issue date: 2011-08-16
CVE Names: CVE-2011-2982 CVE-2011-2983
================================================== ===================

1. Summary:

Updated seamonkey packages that fix several security issues are now
available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2011-2982)

A flaw was found in the way SeaMonkey handled malformed JavaScript. A web
page containing malicious JavaScript could cause SeaMonkey to access
already freed memory, causing SeaMonkey to crash or, potentially, execute
arbitrary code with the privileges of the user running SeaMonkey.
(CVE-2011-2983)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

730518 - CVE-2011-2982 Mozilla: Miscellaneous memory safety hazards
730523 - CVE-2011-2983 Mozilla: Private data leakage using RegExp.input

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-72.el4.src.rpm

i386:
seamonkey-1.0.9-72.el4.i386.rpm
seamonkey-chat-1.0.9-72.el4.i386.rpm
seamonkey-debuginfo-1.0.9-72.el4.i386.rpm
seamonkey-devel-1.0.9-72.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-72.el4.i386.rpm
seamonkey-js-debugger-1.0.9-72.el4.i386.rpm
seamonkey-mail-1.0.9-72.el4.i386.rpm

ia64:
seamonkey-1.0.9-72.el4.ia64.rpm
seamonkey-chat-1.0.9-72.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-72.el4.ia64.rpm
seamonkey-devel-1.0.9-72.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-72.el4.ia64.rpm
seamonkey-mail-1.0.9-72.el4.ia64.rpm

ppc:
seamonkey-1.0.9-72.el4.ppc.rpm
seamonkey-chat-1.0.9-72.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-72.el4.ppc.rpm
seamonkey-devel-1.0.9-72.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-72.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-72.el4.ppc.rpm
seamonkey-mail-1.0.9-72.el4.ppc.rpm

s390:
seamonkey-1.0.9-72.el4.s390.rpm
seamonkey-chat-1.0.9-72.el4.s390.rpm
seamonkey-debuginfo-1.0.9-72.el4.s390.rpm
seamonkey-devel-1.0.9-72.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-72.el4.s390.rpm
seamonkey-js-debugger-1.0.9-72.el4.s390.rpm
seamonkey-mail-1.0.9-72.el4.s390.rpm

s390x:
seamonkey-1.0.9-72.el4.s390x.rpm
seamonkey-chat-1.0.9-72.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-72.el4.s390x.rpm
seamonkey-devel-1.0.9-72.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-72.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-72.el4.s390x.rpm
seamonkey-mail-1.0.9-72.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-72.el4.x86_64.rpm
seamonkey-chat-1.0.9-72.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-72.el4.x86_64.rpm
seamonkey-devel-1.0.9-72.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-72.el4.x86_64.rpm
seamonkey-mail-1.0.9-72.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-72.el4.src.rpm

i386:
seamonkey-1.0.9-72.el4.i386.rpm
seamonkey-chat-1.0.9-72.el4.i386.rpm
seamonkey-debuginfo-1.0.9-72.el4.i386.rpm
seamonkey-devel-1.0.9-72.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-72.el4.i386.rpm
seamonkey-js-debugger-1.0.9-72.el4.i386.rpm
seamonkey-mail-1.0.9-72.el4.i386.rpm

x86_64:
seamonkey-1.0.9-72.el4.x86_64.rpm
seamonkey-chat-1.0.9-72.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-72.el4.x86_64.rpm
seamonkey-devel-1.0.9-72.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-72.el4.x86_64.rpm
seamonkey-mail-1.0.9-72.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-72.el4.src.rpm

i386:
seamonkey-1.0.9-72.el4.i386.rpm
seamonkey-chat-1.0.9-72.el4.i386.rpm
seamonkey-debuginfo-1.0.9-72.el4.i386.rpm
seamonkey-devel-1.0.9-72.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-72.el4.i386.rpm
seamonkey-js-debugger-1.0.9-72.el4.i386.rpm
seamonkey-mail-1.0.9-72.el4.i386.rpm

ia64:
seamonkey-1.0.9-72.el4.ia64.rpm
seamonkey-chat-1.0.9-72.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-72.el4.ia64.rpm
seamonkey-devel-1.0.9-72.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-72.el4.ia64.rpm
seamonkey-mail-1.0.9-72.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-72.el4.x86_64.rpm
seamonkey-chat-1.0.9-72.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-72.el4.x86_64.rpm
seamonkey-devel-1.0.9-72.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-72.el4.x86_64.rpm
seamonkey-mail-1.0.9-72.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-72.el4.src.rpm

i386:
seamonkey-1.0.9-72.el4.i386.rpm
seamonkey-chat-1.0.9-72.el4.i386.rpm
seamonkey-debuginfo-1.0.9-72.el4.i386.rpm
seamonkey-devel-1.0.9-72.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-72.el4.i386.rpm
seamonkey-js-debugger-1.0.9-72.el4.i386.rpm
seamonkey-mail-1.0.9-72.el4.i386.rpm

ia64:
seamonkey-1.0.9-72.el4.ia64.rpm
seamonkey-chat-1.0.9-72.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-72.el4.ia64.rpm
seamonkey-devel-1.0.9-72.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-72.el4.ia64.rpm
seamonkey-mail-1.0.9-72.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-72.el4.x86_64.rpm
seamonkey-chat-1.0.9-72.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-72.el4.x86_64.rpm
seamonkey-devel-1.0.9-72.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-72.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-72.el4.x86_64.rpm
seamonkey-mail-1.0.9-72.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-2982.html
https://www.redhat.com/security/data/cve/CVE-2011-2983.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOSrzsXlSAg2UNWIIRAlHXAJ9k0+Q3Bz6hQuzt6AUcQ+ rZo9txeQCfQOYy
S9Ob5tUTtnA4nLk4IQGn6R8=
=qoDJ
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 09-28-2011, 11:59 PM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2011:1344-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1344.html
Issue date: 2011-09-28
CVE Names: CVE-2011-2998 CVE-2011-2999
================================================== ===================

1. Summary:

Updated seamonkey packages that fix two security issues are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, email and newsgroup client, IRC
chat client, and HTML editor.

A flaw was found in the way SeaMonkey handled frame objects with certain
names. An attacker could use this flaw to cause a plug-in to grant its
content access to another site or the local file system, violating the
same-origin policy. (CVE-2011-2999)

An integer underflow flaw was found in the way SeaMonkey handled large
JavaScript regular expressions. A web page containing malicious JavaScript
could cause SeaMonkey to access already freed memory, causing SeaMonkey to
crash or, potentially, execute arbitrary code with the privileges of the
user running SeaMonkey. (CVE-2011-2998)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

741904 - CVE-2011-2999 Mozilla: XSS via plugins and shadowed window.location object (MFSA 2011-38)
741924 - CVE-2011-2998 Mozilla: Integer underflow when using JavaScript RegExp (MFSA 2011-37)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-76.el4.src.rpm

i386:
seamonkey-1.0.9-76.el4.i386.rpm
seamonkey-chat-1.0.9-76.el4.i386.rpm
seamonkey-debuginfo-1.0.9-76.el4.i386.rpm
seamonkey-devel-1.0.9-76.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-76.el4.i386.rpm
seamonkey-js-debugger-1.0.9-76.el4.i386.rpm
seamonkey-mail-1.0.9-76.el4.i386.rpm

ia64:
seamonkey-1.0.9-76.el4.ia64.rpm
seamonkey-chat-1.0.9-76.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-76.el4.ia64.rpm
seamonkey-devel-1.0.9-76.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-76.el4.ia64.rpm
seamonkey-mail-1.0.9-76.el4.ia64.rpm

ppc:
seamonkey-1.0.9-76.el4.ppc.rpm
seamonkey-chat-1.0.9-76.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-76.el4.ppc.rpm
seamonkey-devel-1.0.9-76.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-76.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-76.el4.ppc.rpm
seamonkey-mail-1.0.9-76.el4.ppc.rpm

s390:
seamonkey-1.0.9-76.el4.s390.rpm
seamonkey-chat-1.0.9-76.el4.s390.rpm
seamonkey-debuginfo-1.0.9-76.el4.s390.rpm
seamonkey-devel-1.0.9-76.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-76.el4.s390.rpm
seamonkey-js-debugger-1.0.9-76.el4.s390.rpm
seamonkey-mail-1.0.9-76.el4.s390.rpm

s390x:
seamonkey-1.0.9-76.el4.s390x.rpm
seamonkey-chat-1.0.9-76.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-76.el4.s390x.rpm
seamonkey-devel-1.0.9-76.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-76.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-76.el4.s390x.rpm
seamonkey-mail-1.0.9-76.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-76.el4.x86_64.rpm
seamonkey-chat-1.0.9-76.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-76.el4.x86_64.rpm
seamonkey-devel-1.0.9-76.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-76.el4.x86_64.rpm
seamonkey-mail-1.0.9-76.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-76.el4.src.rpm

i386:
seamonkey-1.0.9-76.el4.i386.rpm
seamonkey-chat-1.0.9-76.el4.i386.rpm
seamonkey-debuginfo-1.0.9-76.el4.i386.rpm
seamonkey-devel-1.0.9-76.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-76.el4.i386.rpm
seamonkey-js-debugger-1.0.9-76.el4.i386.rpm
seamonkey-mail-1.0.9-76.el4.i386.rpm

x86_64:
seamonkey-1.0.9-76.el4.x86_64.rpm
seamonkey-chat-1.0.9-76.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-76.el4.x86_64.rpm
seamonkey-devel-1.0.9-76.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-76.el4.x86_64.rpm
seamonkey-mail-1.0.9-76.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-76.el4.src.rpm

i386:
seamonkey-1.0.9-76.el4.i386.rpm
seamonkey-chat-1.0.9-76.el4.i386.rpm
seamonkey-debuginfo-1.0.9-76.el4.i386.rpm
seamonkey-devel-1.0.9-76.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-76.el4.i386.rpm
seamonkey-js-debugger-1.0.9-76.el4.i386.rpm
seamonkey-mail-1.0.9-76.el4.i386.rpm

ia64:
seamonkey-1.0.9-76.el4.ia64.rpm
seamonkey-chat-1.0.9-76.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-76.el4.ia64.rpm
seamonkey-devel-1.0.9-76.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-76.el4.ia64.rpm
seamonkey-mail-1.0.9-76.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-76.el4.x86_64.rpm
seamonkey-chat-1.0.9-76.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-76.el4.x86_64.rpm
seamonkey-devel-1.0.9-76.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-76.el4.x86_64.rpm
seamonkey-mail-1.0.9-76.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-76.el4.src.rpm

i386:
seamonkey-1.0.9-76.el4.i386.rpm
seamonkey-chat-1.0.9-76.el4.i386.rpm
seamonkey-debuginfo-1.0.9-76.el4.i386.rpm
seamonkey-devel-1.0.9-76.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-76.el4.i386.rpm
seamonkey-js-debugger-1.0.9-76.el4.i386.rpm
seamonkey-mail-1.0.9-76.el4.i386.rpm

ia64:
seamonkey-1.0.9-76.el4.ia64.rpm
seamonkey-chat-1.0.9-76.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-76.el4.ia64.rpm
seamonkey-devel-1.0.9-76.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-76.el4.ia64.rpm
seamonkey-mail-1.0.9-76.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-76.el4.x86_64.rpm
seamonkey-chat-1.0.9-76.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-76.el4.x86_64.rpm
seamonkey-devel-1.0.9-76.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-76.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-76.el4.x86_64.rpm
seamonkey-mail-1.0.9-76.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-2998.html
https://www.redhat.com/security/data/cve/CVE-2011-2999.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFOg7TUXlSAg2UNWIIRAutIAJ9VRR9wJ7X3EeMhl2mOH7 qDj+6vnACdEXst
A8YfyqP4L6d/3mUiTK4TjQE=
=gZu1
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-01-2012, 07:26 AM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2012:0084-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0084.html
Issue date: 2012-02-01
CVE Names: CVE-2011-3670 CVE-2012-0442
================================================== ===================

1. Summary:

Updated seamonkey packages that fix two security issues are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC
chat client, and HTML editor.

A flaw was found in the processing of malformed web content. A web page
containing malicious content could cause SeaMonkey to crash or,
potentially, execute arbitrary code with the privileges of the user running
SeaMonkey. (CVE-2012-0442)

The same-origin policy in SeaMonkey treated http://example.com and
http://[example.com] as interchangeable. A malicious script could possibly
use this flaw to gain access to sensitive information (such as a client's
IP and user e-mail address, or httpOnly cookies) that may be included in
HTTP proxy error replies, generated in response to invalid URLs using
square brackets. (CVE-2011-3670)

All SeaMonkey users should upgrade to these updated packages, which correct
these issues. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

785085 - CVE-2012-0442 Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)
785464 - CVE-2011-3670 Mozilla: Same-origin bypass using IPv6-like hostname syntax (MFSA 2012-02)

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-78.el4.src.rpm

i386:
seamonkey-1.0.9-78.el4.i386.rpm
seamonkey-chat-1.0.9-78.el4.i386.rpm
seamonkey-debuginfo-1.0.9-78.el4.i386.rpm
seamonkey-devel-1.0.9-78.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm
seamonkey-js-debugger-1.0.9-78.el4.i386.rpm
seamonkey-mail-1.0.9-78.el4.i386.rpm

ia64:
seamonkey-1.0.9-78.el4.ia64.rpm
seamonkey-chat-1.0.9-78.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-78.el4.ia64.rpm
seamonkey-devel-1.0.9-78.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-78.el4.ia64.rpm
seamonkey-mail-1.0.9-78.el4.ia64.rpm

ppc:
seamonkey-1.0.9-78.el4.ppc.rpm
seamonkey-chat-1.0.9-78.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-78.el4.ppc.rpm
seamonkey-devel-1.0.9-78.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-78.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-78.el4.ppc.rpm
seamonkey-mail-1.0.9-78.el4.ppc.rpm

s390:
seamonkey-1.0.9-78.el4.s390.rpm
seamonkey-chat-1.0.9-78.el4.s390.rpm
seamonkey-debuginfo-1.0.9-78.el4.s390.rpm
seamonkey-devel-1.0.9-78.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-78.el4.s390.rpm
seamonkey-js-debugger-1.0.9-78.el4.s390.rpm
seamonkey-mail-1.0.9-78.el4.s390.rpm

s390x:
seamonkey-1.0.9-78.el4.s390x.rpm
seamonkey-chat-1.0.9-78.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-78.el4.s390x.rpm
seamonkey-devel-1.0.9-78.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-78.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-78.el4.s390x.rpm
seamonkey-mail-1.0.9-78.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-78.el4.x86_64.rpm
seamonkey-chat-1.0.9-78.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm
seamonkey-devel-1.0.9-78.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm
seamonkey-mail-1.0.9-78.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-78.el4.src.rpm

i386:
seamonkey-1.0.9-78.el4.i386.rpm
seamonkey-chat-1.0.9-78.el4.i386.rpm
seamonkey-debuginfo-1.0.9-78.el4.i386.rpm
seamonkey-devel-1.0.9-78.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm
seamonkey-js-debugger-1.0.9-78.el4.i386.rpm
seamonkey-mail-1.0.9-78.el4.i386.rpm

x86_64:
seamonkey-1.0.9-78.el4.x86_64.rpm
seamonkey-chat-1.0.9-78.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm
seamonkey-devel-1.0.9-78.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm
seamonkey-mail-1.0.9-78.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-78.el4.src.rpm

i386:
seamonkey-1.0.9-78.el4.i386.rpm
seamonkey-chat-1.0.9-78.el4.i386.rpm
seamonkey-debuginfo-1.0.9-78.el4.i386.rpm
seamonkey-devel-1.0.9-78.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm
seamonkey-js-debugger-1.0.9-78.el4.i386.rpm
seamonkey-mail-1.0.9-78.el4.i386.rpm

ia64:
seamonkey-1.0.9-78.el4.ia64.rpm
seamonkey-chat-1.0.9-78.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-78.el4.ia64.rpm
seamonkey-devel-1.0.9-78.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-78.el4.ia64.rpm
seamonkey-mail-1.0.9-78.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-78.el4.x86_64.rpm
seamonkey-chat-1.0.9-78.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm
seamonkey-devel-1.0.9-78.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm
seamonkey-mail-1.0.9-78.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-78.el4.src.rpm

i386:
seamonkey-1.0.9-78.el4.i386.rpm
seamonkey-chat-1.0.9-78.el4.i386.rpm
seamonkey-debuginfo-1.0.9-78.el4.i386.rpm
seamonkey-devel-1.0.9-78.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-78.el4.i386.rpm
seamonkey-js-debugger-1.0.9-78.el4.i386.rpm
seamonkey-mail-1.0.9-78.el4.i386.rpm

ia64:
seamonkey-1.0.9-78.el4.ia64.rpm
seamonkey-chat-1.0.9-78.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-78.el4.ia64.rpm
seamonkey-devel-1.0.9-78.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-78.el4.ia64.rpm
seamonkey-mail-1.0.9-78.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-78.el4.x86_64.rpm
seamonkey-chat-1.0.9-78.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-78.el4.x86_64.rpm
seamonkey-devel-1.0.9-78.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-78.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-78.el4.x86_64.rpm
seamonkey-mail-1.0.9-78.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3670.html
https://www.redhat.com/security/data/cve/CVE-2012-0442.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPKPcoXlSAg2UNWIIRAtqTAKC3n9KoTOm2t/qukrnH+cd04iswBgCeIu8r
IceFLSepAEZDsTcaPufEfgc=
=QPg3
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 
Old 02-16-2012, 06:22 PM
 
Default Critical: seamonkey security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

================================================== ===================
Red Hat Security Advisory

Synopsis: Critical: seamonkey security update
Advisory ID: RHSA-2012:0141-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2012-0141.html
Issue date: 2012-02-16
CVE Names: CVE-2011-3026
================================================== ===================

1. Summary:

Updated seamonkey packages that fix one security issue are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having critical
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC
chat client, and HTML editor.

A heap-based buffer overflow flaw was found in the way SeaMonkey handled
PNG (Portable Network Graphics) images. A web page containing a malicious
PNG image could cause SeaMonkey to crash or, possibly, execute arbitrary
code with the privileges of the user running SeaMonkey. (CVE-2011-3026)

All SeaMonkey users should upgrade to these updated packages, which correct
this issue. After installing the update, SeaMonkey must be restarted for
the changes to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

790737 - CVE-2011-3026 libpng: Heap-buffer-overflow in png_decompress_chunk

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm

i386:
seamonkey-1.0.9-79.el4.i386.rpm
seamonkey-chat-1.0.9-79.el4.i386.rpm
seamonkey-debuginfo-1.0.9-79.el4.i386.rpm
seamonkey-devel-1.0.9-79.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm
seamonkey-js-debugger-1.0.9-79.el4.i386.rpm
seamonkey-mail-1.0.9-79.el4.i386.rpm

ia64:
seamonkey-1.0.9-79.el4.ia64.rpm
seamonkey-chat-1.0.9-79.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm
seamonkey-devel-1.0.9-79.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm
seamonkey-mail-1.0.9-79.el4.ia64.rpm

ppc:
seamonkey-1.0.9-79.el4.ppc.rpm
seamonkey-chat-1.0.9-79.el4.ppc.rpm
seamonkey-debuginfo-1.0.9-79.el4.ppc.rpm
seamonkey-devel-1.0.9-79.el4.ppc.rpm
seamonkey-dom-inspector-1.0.9-79.el4.ppc.rpm
seamonkey-js-debugger-1.0.9-79.el4.ppc.rpm
seamonkey-mail-1.0.9-79.el4.ppc.rpm

s390:
seamonkey-1.0.9-79.el4.s390.rpm
seamonkey-chat-1.0.9-79.el4.s390.rpm
seamonkey-debuginfo-1.0.9-79.el4.s390.rpm
seamonkey-devel-1.0.9-79.el4.s390.rpm
seamonkey-dom-inspector-1.0.9-79.el4.s390.rpm
seamonkey-js-debugger-1.0.9-79.el4.s390.rpm
seamonkey-mail-1.0.9-79.el4.s390.rpm

s390x:
seamonkey-1.0.9-79.el4.s390x.rpm
seamonkey-chat-1.0.9-79.el4.s390x.rpm
seamonkey-debuginfo-1.0.9-79.el4.s390x.rpm
seamonkey-devel-1.0.9-79.el4.s390x.rpm
seamonkey-dom-inspector-1.0.9-79.el4.s390x.rpm
seamonkey-js-debugger-1.0.9-79.el4.s390x.rpm
seamonkey-mail-1.0.9-79.el4.s390x.rpm

x86_64:
seamonkey-1.0.9-79.el4.x86_64.rpm
seamonkey-chat-1.0.9-79.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm
seamonkey-devel-1.0.9-79.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm
seamonkey-mail-1.0.9-79.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm

i386:
seamonkey-1.0.9-79.el4.i386.rpm
seamonkey-chat-1.0.9-79.el4.i386.rpm
seamonkey-debuginfo-1.0.9-79.el4.i386.rpm
seamonkey-devel-1.0.9-79.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm
seamonkey-js-debugger-1.0.9-79.el4.i386.rpm
seamonkey-mail-1.0.9-79.el4.i386.rpm

x86_64:
seamonkey-1.0.9-79.el4.x86_64.rpm
seamonkey-chat-1.0.9-79.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm
seamonkey-devel-1.0.9-79.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm
seamonkey-mail-1.0.9-79.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm

i386:
seamonkey-1.0.9-79.el4.i386.rpm
seamonkey-chat-1.0.9-79.el4.i386.rpm
seamonkey-debuginfo-1.0.9-79.el4.i386.rpm
seamonkey-devel-1.0.9-79.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm
seamonkey-js-debugger-1.0.9-79.el4.i386.rpm
seamonkey-mail-1.0.9-79.el4.i386.rpm

ia64:
seamonkey-1.0.9-79.el4.ia64.rpm
seamonkey-chat-1.0.9-79.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm
seamonkey-devel-1.0.9-79.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm
seamonkey-mail-1.0.9-79.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-79.el4.x86_64.rpm
seamonkey-chat-1.0.9-79.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm
seamonkey-devel-1.0.9-79.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm
seamonkey-mail-1.0.9-79.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-79.el4.src.rpm

i386:
seamonkey-1.0.9-79.el4.i386.rpm
seamonkey-chat-1.0.9-79.el4.i386.rpm
seamonkey-debuginfo-1.0.9-79.el4.i386.rpm
seamonkey-devel-1.0.9-79.el4.i386.rpm
seamonkey-dom-inspector-1.0.9-79.el4.i386.rpm
seamonkey-js-debugger-1.0.9-79.el4.i386.rpm
seamonkey-mail-1.0.9-79.el4.i386.rpm

ia64:
seamonkey-1.0.9-79.el4.ia64.rpm
seamonkey-chat-1.0.9-79.el4.ia64.rpm
seamonkey-debuginfo-1.0.9-79.el4.ia64.rpm
seamonkey-devel-1.0.9-79.el4.ia64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.ia64.rpm
seamonkey-js-debugger-1.0.9-79.el4.ia64.rpm
seamonkey-mail-1.0.9-79.el4.ia64.rpm

x86_64:
seamonkey-1.0.9-79.el4.x86_64.rpm
seamonkey-chat-1.0.9-79.el4.x86_64.rpm
seamonkey-debuginfo-1.0.9-79.el4.x86_64.rpm
seamonkey-devel-1.0.9-79.el4.x86_64.rpm
seamonkey-dom-inspector-1.0.9-79.el4.x86_64.rpm
seamonkey-js-debugger-1.0.9-79.el4.x86_64.rpm
seamonkey-mail-1.0.9-79.el4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-3026.html
https://access.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFPPVc/XlSAg2UNWIIRAm3JAJsHQLOT912YsHcirqFoT3VLkhEPGQCfcL +3
2O727JRuFQEqnyZpxZ0LpoI=
=8KCf
-----END PGP SIGNATURE-----


--
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
 

Thread Tools




All times are GMT. The time now is 01:58 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org