Opened 19 months ago
Closed 18 months ago
#15753 closed enhancement (fixed)
|Reported by:||Bruce Dubbs||Owned by:||Douglas R. Reno|
New point version.
Change History (6)
comment:1 by , 19 months ago
|Status:||new → assigned|
comment:2 by , 18 months ago
comment:3 by , 18 months ago
|Priority:||normal → elevated|
Looking at the release notes for these last night, it's obvious these two contain some pretty significant security fixes. I may promote them to High after more research (which will happen after Java).
comment:4 by , 18 months ago
|Summary:||seamonkey-2.53.10 → seamonkey-126.96.36.199|
What's New in SeaMonkey 2.53.10

SeaMonkey 2.53.10 contains (among other changes) the following major changes relative to SeaMonkey 188.8.131.52:

Minor fixes for testdisplay command in ChatZilla bug 1727976.
Show CTCP requests (excluding ACTION and DCC) bug 1722156.
IRCv3: Add support for server-time bug 1724586.
Add localization note for network editor dialog width in ChatZilla bug 1727977.
IRCv3: Add support for extended-join and account-notify bug 1722159.
Add ability to collapse message groups in ChatZilla bug 1724588.
Fix JS strict warnings in unescapeTagValue in ChatZilla bug 1727989.
IRCv3: Add support for invite-notify bug 1722161.
IRCv3: Add support for batch bug 1724589.
Fix JS strict warning in addHistory in cZ static.js bug 1727992.
IRCv3: Add support for cap-notify bug 1722162.
Stop using canonical name as collection keys in ChatZilla bug 1728025.
IRCv3: Add support for TLS and STS bug 1722166.
Helper function for renaming irc server properties in ChatZilla bug 1728027.
IRCv3: Add support for MONITOR bug 1722174.
Remove use of msg.commasp in ChatZilla bug 1726965.
Allow shiftKey to modify behaviour of link clicking in cZ bug 1713458.
IRCv3: Add support for echo-message bug 1722211.
In ChatZilla make /commands return all matches starting with pattern bug 1726966.
Use SeaMonkey prefs to determine how links behave in cZ bug 1713467.
Allow parameters to be localised in ChatZilla bug 1724105.
Add identify command to cZ and hook into password management bug 1713470.
IRCv3.1: Implement SASL with PLAIN mechanism bug 1717545.
IRCv3: Add support for message tags bug 1724584.
Add last read message divider to ChatZilla bug 1729159.
IRCv3: Add support for account-tag bug 1724585.
Missing option "text encoding Unicode/UTF-8" in preferences - Mailnews bug 1679260.
Detect Crashreporter using AppConstants in SeaMonkey bug 1735236.
Link about LEGACY extensions in Add-ons Manager is broken bug 1656797.
Update help for clear private data preferences and dialog bug 1728911.
Fix typo in cs_nav_prefs_appearance bug 1737473.
Drop leftover "Edit Menu" comment from messageWindow.xul and addressbook.xul bug 1725121.
Add dummy tab routines to SeaMonkey mailnews tab browser bug 1735243.
Folder pane and tab/window title not updated correctly when opening in new tab bug 1726940.
Allow mail tab bar to be controlled separately to browser tab bar bug 1724515.
Copy any user set values for new mail.tabs prefs bug 1729165.
Merge Master Passwords and Passwords pref panes into a single pref pane bug 1728099.
Move warning about redirection pref from Content to Privacy & Security pane bug 1728185.
Move website icons prefs from content pref pane to browser pref pane bug 1727425.
Move browser / mailnews system integration prefs into advanced pane bug 1727659.
Have separate opentabfor.middleclick for mailnews bug 1727948.
Add removeBrowser helper for tabbrowser bug 1730391.
Put <browser> in a <stack> so it's easy to overlay bug 1730392.
Allow browser focus to be avoided bug 1720003.
SeaMonkey 32x32 default icon has light stripe at the bottom bug 1729153.
Support <input type=time> and <input type=date> in SeaMonkey bug 1730408.
Middleclick on browser tab handled twice (closes tab and loads URL from primary or clipboard) bug 1734407.
Unable to create a new "Saved Search Folder" using "Save View as a Folder..." bug 1738669.

The following bugs were fixed in our branch of the Gecko source code only:

Enable compression for standard http connections bug 1728996.
Support VS2022 for compiling under Windows bug 1728988.
"But wait, there's more!" - the version is now 184.108.40.206
This one also includes the fixes from Firefox-78.15 ESR:
Security Vulnerabilities fixed in Firefox ESR 78.15
Announced: October 5, 2021
Impact: high
Products: Firefox ESR
Fixed in: Firefox ESR 78.15

CVE-2021-38496: Use-after-free in MessageTask
Reporter: Yangkang of 360 ATA Team
Impact: high
Description: During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash.
References: Bug 1725335

CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
Reporter: Mozilla developers
Impact: high
Description: Mozilla developers and community members Andreas Pehrson and Christian Holler reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
comment:5 by , 18 months ago
SeaMonkey 220.127.116.11 contains (among other changes) the following major changes relative to SeaMonkey 2.53.10:

Security fix for NSS code bug 1737470.
Only use networks and servers in lower case in ChatZilla bug 1742502.
Change classic form icon in SeaMonkey composer bug 1710915.
Addition fixes for SeaMonkey 32x32 default icons on Windows and macOS bug 1729153.
Also includes fixes up to 91.4esr, so that would be:
Security Vulnerabilities fixed in Firefox ESR 91.4.0
Announced: December 7, 2021
Impact: high
Products: Firefox ESR
Fixed in: Firefox ESR 91.4

CVE-2021-43536: URL leakage when navigating while executing asynchronous function
Reporter: Sunwoo Kim and Youngmin Kim of SNU CompSec Lab
Impact: high
Description: Under certain circumstances, asynchronous functions could have caused a navigation to fail but expose the target URL.
References: Bug 1730120

CVE-2021-43537: Heap buffer overflow when using structured clone
Reporter: bo13oy of Cyber Kunlun Lab
Impact: high
Description: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash.
References: Bug 1738237

CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
Reporter: Irvan Kurniawan (@sourc7)
Impact: high
Description: By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.
References: Bug 1739091

CVE-2021-43539: GC rooting failure when calling wasm instance methods
Reporter: Asumu Takikawa and Ioanna Dimitriou
Impact: high
Description: Failure to correctly record the location of live pointers across wasm instance calls resulted in a GC occurring within the call not tracing those live pointers. This could have led to a use-after-free causing a potentially exploitable crash.
References: Bug 1739683

CVE-2021-43541: External protocol handler parameters were unescaped
Reporter: chriscla
Impact: moderate
Description: When invoking protocol handlers for external protocols, a supplied parameter URL containing spaces was not properly escaped.
References: Bug 1696685

CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
Reporter: Raphael Smolik
Impact: moderate
Description: Using XMLHttpRequest, an attacker could have identified installed applications by probing error messages for loading external protocols.
References: Bug 1723281

CVE-2021-43543: Bypass of CSP sandbox directive when embedding
Reporter: Armin Ebert
Impact: moderate
Description: Documents loaded with the CSP sandbox directive could have escaped the sandbox's script restriction by embedding additional content.
References: Bug 1738418

CVE-2021-43545: Denial of Service when using the Location API in a loop
Reporter: Paul Zühlcke
Impact: low
Description: Using the Location API in a loop could have caused severe application hangs and crashes.
References: Bug 1720926

CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
Reporter: Daniel Veditz
Impact: low
Description: It was possible to recreate previous cursor spoofing attacks against users with a zoomed native cursor.
References: Bug 1737751

CVE-2021-4129: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
Reporter: Mozilla developers and community
Impact: high
Description: Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94 and Firefox ESR 91.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
comment:6 by , 18 months ago
|Status:||assigned → closed|
I see that Fedora have a patch for building with rustc>=1.56.0, https://src.fedoraproject.org/rpms/seamonkey/raw/rawhide/f/seamonkey-2.53.10-rust156.patch