openSUSE 10 Security Update : seamonkey (seamonkey-6310)
Critical Nessus Plugin ID 39462
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues :
- Security update to 1.1.16
- MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217) Crash and remote code execution in XSL transformation
- MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with evidence of memory corruption (rv:22.214.171.124)
- Security update to 1.1.15
- MFSA 2009-15/CVE-2009-0652 URL spoofing with box drawing character
- MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773 CVE-2009-0774: Crashes with evidence of memory corruption (rv:126.96.36.199)
- MFSA 2009-09/CVE-2009-0776: XML data theft via RDFXMLDataSource and cross-domain redirect
- MFSA 2009-10/CVE-2009-0040: Upgrade PNG library to fix memory safety hazards
- MFSA 2009-01/CVE-2009-0352 Crashes with evidence of memory corruption (rv:188.8.131.52)
- MFSA 2009-05/CVE-2009-0357 XMLHttpRequest allows reading HTTPOnly cookies
Please note that the java openjdk plugin might not work after installing this update.
SolutionUpdate the affected seamonkey packages.