Context Navigation

← Previous Ticket
Next Ticket →

#6978 closed enhancement (fixed)

seamonkey-2.38

Reported by:	Fernando de Oliveira	Owned by:	bdubbs@…
Priority:	high	Milestone:	7.8
Component:	BOOK	Version:	SVN
Severity:	normal	Keywords:
Cc:

Description (last modified by Fernando de Oliveira) ¶

Notice s/tar.bz2/tar.xz/

https://ftp.mozilla.org/pub/mozilla.org/seamonkey/releases/2.38/source/seamonkey-2.38.source.tar.xz

https://ftp.mozilla.org/pub/mozilla.org/seamonkey/releases/2.38/MD5SUMS

d77b2550665a94a88c69368f4cf54833 source/seamonkey-2.38.source.tar.xz

https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/#seamonkey2.38

Fixed in SeaMonkey 2.38

Critical
 • 2015-113 Memory safety errors in libGLES in the ANGLE graphics library
 • 2015-106 Use-after-free while manipulating HTML media content
 • 2015-104 Use-after-free with shared workers and IndexedDB
 • 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3)
 • 2015-81 Use-after-free in MediaStream playback

High
 • 2015-112 Vulnerabilities found through code inspection
 • 2015-111 Errors in the handling of CORS preflight request headers
 • 2015-109 JavaScript immutable property enforcement can be bypassed
 • 2015-105 Buffer overflow while decoding WebM video

Moderate
 • 2015-114 Information disclosure via the High Resolution Time API
 • 2015-110 Dragging and dropping images exposes final URL after
   redirects
 • 2015-108 Scripted proxies can access inner window
 • 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit
   color depth systems
 • 2015-102 Crash when using debugger with SavedStacks in JavaScript
 • 2015-101 Buffer overflow in libvpx while parsing vp9 format video
 • 2015-98 Out of bounds read in QCMS library with ICC V4 profile
   attributes
 • 2015-97 Memory leak in mozTCPSocket to servers
 • 2015-91 Mozilla Content Security Policy allows for asterisk wildcards
   in violation of CSP specification

Low
 • 2015-103 URL spoofing in reader mode
 • 2015-86 Feed protocol with POST bypasses mixed content protections
 • 2015-68 OS X crash reports may contain entered key press information

From [https://blog.seamonkey-project.org/tag/2.38/}

SeaMonkey 2.38
Posted on September 27, 2015 by ewong| 2 Comments

SeaMonkey 2.38 has been released.

’nuff Said. :)

:ewong

Security Advisories for Seamonkey

Not updated since version 2.33.1.

But at page

http://www.seamonkey-project.org/releases/seamonkey2.38/

...
The SSL 3.0 encryption protocol is no longer supported due to security
concerns (bug 1106470). Legacy websites may still rely on it and will
not work with the newer TLS 1.x protocols. Contact the website
administrator to update their server to resolve the issue at the source.
...

Change History (3)

comment:1 by bdubbs@…, 10 years ago

Owner:	changed from blfs-book@… to bdubbs@…
Status:	new → assigned

comment:2 by bdubbs@…, 10 years ago

Resolution:	→ fixed
Status:	assigned → closed

Fixed at revision 16485.

comment:3 by Fernando de Oliveira, 9 years ago

Description:	modified (diff)

Note: See TracTickets for help on using tickets.

Download in other formats: