[ubuntu/intrepid] seamonkey 1.1.12+nobinonly-0ubuntu1 (Accepted)

Fabien Tassin fta at ubuntu.com
Wed Oct 1 09:58:08 BST 2008 

seamonkey (1.1.12+nobinonly-0ubuntu1) intrepid; urgency=low

  * New security upstream release: 1.1.12 (LP: #276437)
    - CVE-2008-4070: Heap overflow when canceling newsgroup message
    - CVE-2008-4069: XBM image uninitialized memory reading
    - CVE-2008-4067..4068: resource: traversal vulnerabilities
    - CVE-2008-4065..4066: BOM characters stripped from JavaScript before execution
    - CVE-2008-4061..4064: Crashes with evidence of memory corruption
    - CVE-2008-4058..4060: Privilege escalation via XPCnativeWrapper pollution
    - CVE-2008-3837: Forced mouse drag
    - CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation
    - CVE-2008-0016: UTF-8 URL stack buffer overflow

Date: Tue, 30 Sep 2008 00:41:24 +0200
Changed-By: Fabien Tassin <fta at ubuntu.com>
Maintainer: Ubuntu Mozilla Team <ubuntu-mozillateam at lists.ubuntu.com>
https://edge.launchpad.net/ubuntu/intrepid/+source/seamonkey/1.1.12+nobinonly-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 30 Sep 2008 00:41:24 +0200
Source: seamonkey
Binary: seamonkey seamonkey-browser seamonkey-gnome-support seamonkey-dev seamonkey-dbg seamonkey-mailnews seamonkey-chatzilla seamonkey-dom-inspector mozilla mozilla-browser mozilla-dev mozilla-mailnews mozilla-chatzilla mozilla-psm mozilla-dom-inspector mozilla-js-debugger mozilla-calendar iceape iceape-browser iceape-gnome-support iceape-dev iceape-dbg iceape-mailnews iceape-chatzilla iceape-calendar iceape-dom-inspector
Architecture: source
Version: 1.1.12+nobinonly-0ubuntu1
Distribution: intrepid
Urgency: low
Maintainer: Ubuntu Mozilla Team <ubuntu-mozillateam at lists.ubuntu.com>
Changed-By: Fabien Tassin <fta at ubuntu.com>
Description: 
 iceape     - dummy upgrade package for the SeaMonkey Internet Suite
 iceape-browser - dummy upgrade package for SeaMonkey Navigator
 iceape-calendar - dummy upgrade package for SeaMonkey Navigator
 iceape-chatzilla - dummy upgrade package for SeaMonkey Chatzilla IRC client
 iceape-dbg - dummy upgrade package for SeaMonkey Debug package
 iceape-dev - dummy upgrade package for SeaMonkey SDK
 iceape-dom-inspector - dummy upgrade package for the DOM Inspector for the SeaMonkey Int
 iceape-gnome-support - dummy upgrade package for SeaMonkey Gnome Support
 iceape-mailnews - dummy upgrade package for SeaMonkey Mail & Newsgroups and Address
 mozilla    - dummy upgrade package for the SeaMonkey Internet Suite
 mozilla-browser - dummy upgrade package for SeaMonkey Navigator and Composer
 mozilla-calendar - dummy upgrade package for SeaMonkey Calendar
 mozilla-chatzilla - dummy upgrade package for SeaMonkey Chatzilla IRC client
 mozilla-dev - dummy upgrade package for development file for the SeaMonkey Inte
 mozilla-dom-inspector - dummy upgrade package for the DOM Inspector for the SeaMonkey Int
 mozilla-js-debugger - dummy upgrade package for venkman
 mozilla-mailnews - dummy upgrade package for SeaMonkey Mail & Newsgroups and Address
 mozilla-psm - dummy upgrade package for SeaMonkey Navigator
 seamonkey  - The Seamonkey Internet Suite
 seamonkey-browser - Seamonkey Navigator (Internet browser) and Composer
 seamonkey-chatzilla - Seamonkey Chatzilla IRC client
 seamonkey-dbg - Debugging symbols for the Seamonkey Internet Suite
 seamonkey-dev - Development files for the Seamonkey Internet Suite
 seamonkey-dom-inspector - DOM inspector for the Seamonkey Internet Suite
 seamonkey-gnome-support - Gnome support for the Seamonkey Internet Suite
 seamonkey-mailnews - Seamonkey Mail & Newsgroups and Address Book
Launchpad-Bugs-Fixed: 276437
Changes: 
 seamonkey (1.1.12+nobinonly-0ubuntu1) intrepid; urgency=low
 .
   * New security upstream release: 1.1.12 (LP: #276437)
     - CVE-2008-4070: Heap overflow when canceling newsgroup message
     - CVE-2008-4069: XBM image uninitialized memory reading
     - CVE-2008-4067..4068: resource: traversal vulnerabilities
     - CVE-2008-4065..4066: BOM characters stripped from JavaScript before execution
     - CVE-2008-4061..4064: Crashes with evidence of memory corruption
     - CVE-2008-4058..4060: Privilege escalation via XPCnativeWrapper pollution
     - CVE-2008-3837: Forced mouse drag
     - CVE-2008-3835: nsXMLDocument::OnChannelRedirect() same-origin violation
     - CVE-2008-0016: UTF-8 URL stack buffer overflow
Checksums-Sha1: 
 258e7f2f60b31794743facd618f212161f622786 2058 seamonkey_1.1.12+nobinonly-0ubuntu1.dsc
 133a2bab188301a81ca2f9fffd0e8802f71c5d21 45463099 seamonkey_1.1.12+nobinonly.orig.tar.gz
 eeb61d6ee0ac3e1295dbef38ca9f036bdd1fc9af 139612 seamonkey_1.1.12+nobinonly-0ubuntu1.diff.gz
Checksums-Sha256: 
 2515b70c2cd6a9b02df5503df426d9112eb177d9fcfaa4600b1347856e43056d 2058 seamonkey_1.1.12+nobinonly-0ubuntu1.dsc
 7844330566779c67e86a44590399b752baf2418e6e16146cbd3f339f4cf88383 45463099 seamonkey_1.1.12+nobinonly.orig.tar.gz
 a21a1ec1311a74613d3299c01bcaf74d94606ea8d822d11c3202aecca6e48b0b 139612 seamonkey_1.1.12+nobinonly-0ubuntu1.diff.gz
Files: 
 9ff6ea414c3b6860c5b4b6ee07cd7770 2058 net optional seamonkey_1.1.12+nobinonly-0ubuntu1.dsc
 4e6ba82ac2dcf7d6712888b0c2f42d50 45463099 net optional seamonkey_1.1.12+nobinonly.orig.tar.gz
 13bbef1c881cac83666e472c6c27057d 139612 net optional seamonkey_1.1.12+nobinonly-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkjii3EACgkQaOfNHbbuIOiE0wCfS8F7mENsFUk5seG6GmMY8fa0
w4IAn1RSzcZAmgGjP0tnszRL5BvS79n+
=M5OQ
-----END PGP SIGNATURE-----

More information about the Intrepid-changes mailing list