Opened 3 years ago

Closed 2 years ago

#15620 closed enhancement (fixed)

seamonkey-2.53.9.1

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: elevated Milestone: 11.1
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New nano version.

Change History (3)

comment:1 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Status: newassigned

Grab this set of tickets.

comment:2 by Douglas R. Reno, 2 years ago

Priority: normalelevated
What's New in SeaMonkey 2.53.9.1

SeaMonkey 2.53.9.1 contains (among other changes) the following major changes relative to SeaMonkey 2.53.9:

    Fix the lazy loading of images from some websites bug 1727967.
    Move certain font family defaults from serif to sans serif bug 1727982.

In addition, there is this tidbit:

Additional important security fixes up to Current Firefox 78.14 ESR and a few enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. 

Seamonkey-2.53.9 had fixes up to 78.13, so that will include:

Security Vulnerabilities fixed in Firefox ESR 78.14

Announced
    September 7, 2021
Impact
    moderate
Products
    Firefox ESR
Fixed in

        Firefox ESR 78.14

#CVE-2021-38492: Navigating to `mk:` URL scheme could load Internet Explorer

Reporter
    James Lee
Impact
    moderate

Description

When delegating navigations to the operating system, Firefox would accept the mk scheme which might allow attackers to launch pages and execute scripts in Internet Explorer in unprivileged mode.
This bug only affects Firefox for Windows. Other operating systems are unaffected.
References

    Bug 1721107

#CVE-2021-38493: Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1

Reporter
    Mozilla developers and community
Impact
    high

Description

Mozilla developers Tyson Smith and Gabriele Svelto reported memory safety bugs present in Firefox 91 and Firefox ESR 78.13. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 92, Firefox ESR 78.14 and Firefox ESR 91.1

Out of these, we are affected by CVE-2021-38493.

comment:3 by Douglas R. Reno, 2 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.