This is fixed in Lucid now
seamonkey (2.0.7+build1+nobinonly-0ubuntu0.10.04.1) lucid-security; urgency=low
* New upstream release v2.0.7 (SEAMONKEY_2_0_7_BUILD1)
* SECURITY UPDATES: * MFSA 2010-49: Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12) - CVE-2010-3169 * MFSA 2010-50: Frameset integer overflow vulnerability - CVE-2010-2765 * MFSA 2010-51: Dangling pointer vulnerability using DOM plugin array - CVE-2010-2767 * MFSA 2010-52: Windows XP DLL loading vulnerability - CVE-2010-3131 * MFSA 2010-53: Heap buffer overflow in nsTextFrameUtils::TransformText - CVE-2010-3166 * MFSA 2010-54: Dangling pointer vulnerability in nsTreeSelection - CVE-2010-2760 * MFSA 2010-55: XUL tree removal crash and remote code execution - CVE-2010-3168 * MFSA 2010-56: Dangling pointer vulnerability in nsTreeContentView - CVE-2010-3167 * MFSA 2010-57: Crash and remote code execution in normalizeDocument - CVE-2010-2766 * MFSA 2010-58: Crash on Mac using fuzzed font in data: URL - CVE-2010-2770 * MFSA 2010-60: XSS using SJOW scripted functio - CVE-2010-2763 * MFSA 2010-61: UTF-7 XSS by overriding document charset using <object> type attribute - CVE-2010-2768 * MFSA 2010-62: Copy-and-paste or drag-and-drop into designMode document allows XSS - CVE-2010-62 * MFSA 2010-63: Information leak via XMLHttpRequest statusText - CVE-2010-63
* Refresh patches for new upstream version - update debian/patches/seamonkey-fsh.patch * Fix LP: #593571 - searching for am-newsblog.xul in the wrong chrome package Install the newsblog.js XPCOM component - update debian/seamonkey-mailnews.install -- Chris Coulson <email address hidden> Thu, 09 Sep 2010 16:26:29 +0100
This is fixed in Lucid now
seamonkey (2.0.7+ build1+ nobinonly- 0ubuntu0. 10.04.1) lucid-security; urgency=low
* New upstream release v2.0.7 (SEAMONKEY_ 2_0_7_BUILD1)
* SECURITY UPDATES: s::TransformTex t
* MFSA 2010-49: Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
- CVE-2010-3169
* MFSA 2010-50: Frameset integer overflow vulnerability
- CVE-2010-2765
* MFSA 2010-51: Dangling pointer vulnerability using DOM plugin array
- CVE-2010-2767
* MFSA 2010-52: Windows XP DLL loading vulnerability
- CVE-2010-3131
* MFSA 2010-53: Heap buffer overflow in nsTextFrameUtil
- CVE-2010-3166
* MFSA 2010-54: Dangling pointer vulnerability in nsTreeSelection
- CVE-2010-2760
* MFSA 2010-55: XUL tree removal crash and remote code execution
- CVE-2010-3168
* MFSA 2010-56: Dangling pointer vulnerability in nsTreeContentView
- CVE-2010-3167
* MFSA 2010-57: Crash and remote code execution in normalizeDocument
- CVE-2010-2766
* MFSA 2010-58: Crash on Mac using fuzzed font in data: URL
- CVE-2010-2770
* MFSA 2010-60: XSS using SJOW scripted functio
- CVE-2010-2763
* MFSA 2010-61: UTF-7 XSS by overriding document charset using <object>
type attribute
- CVE-2010-2768
* MFSA 2010-62: Copy-and-paste or drag-and-drop into designMode document
allows XSS
- CVE-2010-62
* MFSA 2010-63: Information leak via XMLHttpRequest statusText
- CVE-2010-63
* Refresh patches for new upstream version patches/ seamonkey- fsh.patch seamonkey- mailnews. install
- update debian/
* Fix LP: #593571 - searching for am-newsblog.xul in the wrong chrome package
Install the newsblog.js XPCOM component
- update debian/
-- Chris Coulson <email address hidden> Thu, 09 Sep 2010 16:26:29 +0100