← Back to branch summary

~mozillateam/seamonkey/seamonkey-1.1.dev

  • Committer: Alexander Sack
  • Date: 2009-07-26 11:20:22 UTC
  • mfrom: (160.1.1 seamonkey-1.1.dev)
  • Revision ID: asac@ubuntu.com-20090726112022-94ucsbxlkyd72ym2
https://launchpad.net/bugs/356274
(merge) RELEASE 1.1.17+nobinonly-0ubuntu1 to ubuntu/karmic
* New upstream security release: 1.1.17 (LP: #356274)
  - CVE-2009-1841: JavaScript chrome privilege escalation
  - CVE-2009-1838: Arbitrary code execution using event listeners attached to an element whose owner document is null
  - CVE-2009-1836: SSL tampering via non-200 responses to proxy CONNECT requests
  - CVE-2009-1835: Arbitrary domain cookie access by local file: resources
  - CVE-2009-1392, CVE-2009-1832, CVE-2009-1833: Crashes with evidence of memory corruption (rv:1.9.0.11)
  - CVE-2009-1311: POST data sent to wrong site when saving web page with embedded frame
  - CVE-2009-1307:  Same-origin violations when Adobe Flash loaded via view-source: scheme
  - MFSA 2009-33  Crash viewing multipart/alternative message with text/enhanced part 
* removed debian/patches/90_181_484320_attachment_368977.patch
* removed debian/patches/90_181_485217_attachment_369357.patch
* removed debian/patches/90_181_485286_attachment_369457.patch
  - update debian/patches/series
Filename Latest Rev Last Changed Size
debian 60.1.18 2007-08-05 06:34:08 UTC Diff