SUSE 5146 Published by

A seamonkey security update has been released for openSUSE Leap 15.3.



openSUSE-SU-2022:0150-1: important: Security update for seamonkey


openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:0150-1
Rating: important
References: #1194735
Cross-References: CVE-2021-45417
CVSS scores:
CVE-2021-45417 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for seamonkey fixes the following issues:

Update to SeaMonkey 2.53.12

* Format Toolbar forgets its hidden status when switching to other view
modes bug 1719020.
* Remove obsolete plugin code from SeaMonkey bug 1762733.
* Fix a few strict warnings in SeaMonkey bug 1755553.
* Remove Run Flash from Site permissions and page info bug 1758289.
* Use fixIterator and replace use of removeItemAt in FilterListDialog bug
1756359.
* Remove RDF usage in tabmail.js bug 1758282.
* Implement 'Edit Template' and 'New Message From Template' commands and
UI bug 1759376.
* [SM] Implement 'Edit Draft' command and hide it when not in a draft
folder (port Thunderbird bug 1106412) bug 1256716.
* Messages in Template folder need "Edit Template" button in header (like
for Drafts) bug 80280.
* Refactor and simplify the feed Subscribe dialog options updates bug
1420473.
* Add system memory and disk size and placeDB page limit to about:support
bug 1753729.
* Remove warning about missing plugins in SeaMonkey 2.53 and 2.57 bug
1755558.
* SeaMonkey 2.53.12 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.12 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.9 and
Thunderbird 91.9 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-2022-150=1 openSUSE-SLE-15.3-2022-150=1


Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

aide-0.16-24.1
aide-debuginfo-0.16-24.1
aide-debugsource-0.16-24.1
aide-test-0.16-24.1

- openSUSE Leap 15.3 (i586 s390x x86_64):

seamonkey-2.53.12-lp153.17.8.2
seamonkey-debuginfo-2.53.12-lp153.17.8.2
seamonkey-debugsource-2.53.12-lp153.17.8.2
seamonkey-dom-inspector-2.53.12-lp153.17.8.2
seamonkey-irc-2.53.12-lp153.17.8.2

References:

  https://www.suse.com/security/cve/CVE-2021-45417.html
  https://bugzilla.suse.com/1194735