[GLSA-201701-35] Mozilla SeaMonkey: Multiple vulnerabilities

Severity Normal

Affected Packages 2

Unaffected Packages 2

CVEs 9

Multiple vulnerabilities have been found in Mozilla SeaMonkey, the worst of which could lead to the remote execution of arbitrary code.

Background
Mozilla SeaMonkey is a free and open-source Internet suite. It is the
continuation of the former Mozilla Application Suite, based on the same
source code.

Description
Multiple vulnerabilities have been discovered in Mozilla SeaMonkey.
Please review the CVE identifiers referenced below for details.

Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process, cause a Denial of Service condition, or obtain
sensitive information.

Workaround
There is no known workaround at this time.

Resolution
All Mozilla SeaMonkey users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-2.46-r1"

All Mozilla SeaMonkey-bin users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/seamonkey-bin-2.46"

Package	Affected Version
pkg:ebuild/www-client/seamonkey?distro=gentoo	< 2.46-r1
pkg:ebuild/www-client/seamonkey-bin?distro=gentoo	< 2.46

Package	Unaffected Version
pkg:ebuild/www-client/seamonkey?distro=gentoo	>= 2.46-r1
pkg:ebuild/www-client/seamonkey-bin?distro=gentoo	>= 2.46

ID

GLSA-201701-35

Severity

normal

URL

https://security.gentoo.org/glsa/201701-35

Published

2017-01-13T00:00:00
(7 years ago)

Modified

2017-01-13T00:00:00
(7 years ago)

Rights

Gentoo Foundation, Inc.

Other Advisories

Source	# ID	Name	URL
CVE	CVE-2016-1521	CVE-2016-1521	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1521
CVE	CVE-2016-1521	CVE-2016-1521	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1521
CVE	CVE-2016-1522	CVE-2016-1522	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1522
CVE	CVE-2016-1522	CVE-2016-1522	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1522
CVE	CVE-2016-1523	CVE-2016-1523	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1523
CVE	CVE-2016-1523	CVE-2016-1523	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1523
CVE	CVE-2016-1526	CVE-2016-1526	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1526
CVE	CVE-2016-1526	CVE-2016-1526	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1526
CVE	CVE-2016-9079	CVE-2016-9079	https://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9079
Bugzilla	539242	Bugzilla #539242	https://bugs.gentoo.org/show_bug.cgi?id=539242
Bugzilla	541506	Bugzilla #541506	https://bugs.gentoo.org/show_bug.cgi?id=541506
Bugzilla	574968	Bugzilla #574968	https://bugs.gentoo.org/show_bug.cgi?id=574968
Bugzilla	604500	Bugzilla #604500	https://bugs.gentoo.org/show_bug.cgi?id=604500

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:ebuild/www-client/seamonkey?distro=gentoo	www-client	seamonkey	< 2.46-r1	gentoo
Unaffected	pkg:ebuild/www-client/seamonkey?distro=gentoo	www-client	seamonkey	>= 2.46-r1	gentoo
Affected	pkg:ebuild/www-client/seamonkey-bin?distro=gentoo	www-client	seamonkey-bin	< 2.46	gentoo
Unaffected	pkg:ebuild/www-client/seamonkey-bin?distro=gentoo	www-client	seamonkey-bin	>= 2.46	gentoo

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date