Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2006.0487 -- [Win][UNIX/Linux][RedHat] Critical: seamonkey security update (was mozilla) 21 July 2006 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: SeaMonkey Publisher: Red Hat Operating System: Red Hat Desktop 3 Red Hat Enterprise Linux AS/ES/WS 3 UNIX variants (UNIX, Linux, OSX) Windows Impact: Execute Arbitrary Code/Commands Read-only Data Access Provide Misleading Information Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2006-2788 CVE-2006-2787 CVE-2006-2786 CVE-2006-2785 CVE-2006-2784 CVE-2006-2783 CVE-2006-2782 CVE-2006-2781 CVE-2006-2780 CVE-2006-2779 CVE-2006-2778 CVE-2006-2776 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2006-0578.html Comment: This advisory references vulnerabilities in products which run on platforms other than Red Hat. It is recommended that administrators running SeaMonkey check for an updated version of the software for their operating system at http://www.mozilla.org. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: seamonkey security update (was mozilla) Advisory ID: RHSA-2006:0578-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0578.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2779 CVE-2006-2780 CVE-2006-2781 CVE-2006-2783 CVE-2006-2782 CVE-2006-2778 CVE-2006-2776 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786 CVE-2006-2787 CVE-2006-2788 - - --------------------------------------------------------------------- 1. Summary: Updated seamonkey packages that fix several security bugs in the mozilla package are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 3 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues: Several flaws were found in the way Mozilla processed certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787) Several denial of service flaws were found in the way Mozilla processed certain web content. A malicious web page could crash firefox or possibly execute arbitrary code. These issues to date were not proven to be exploitable, but do show evidence of memory corruption. (CVE-2006-2779, CVE-2006-2780) A double-free flaw was found in the way Mozilla-mail displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard it could execute arbitrary code as the user running Mozilla-mail. (CVE-2006-2781) A cross site scripting flaw was found in the way Mozilla processed Unicode Byte-order-Mark (BOM) markers in UTF-8 web pages. A malicious web page could execute a script within the browser that a web input sanitizer could miss due to a malformed "script" tag. (CVE-2006-2783) A form file upload flaw was found in the way Mozilla handled javascript input object mutation. A malicious web page could upload an arbitrary local file at form submission time without user interaction. (CVE-2006-2782) A denial of service flaw was found in the way Mozilla called the crypto.signText() javascript function. A malicious web page could crash the browser if the victim had a client certificate loaded. (CVE-2006-2778) Two HTTP response smuggling flaws were found in the way Mozilla processed certain invalid HTTP response headers. A malicious web site could return specially crafted HTTP response headers which may bypass HTTP proxy restrictions. (CVE-2006-2786) A double free flaw was found in the way the nsIX509::getRawDER method was called. If a victim visited a carefully crafted web page it could execute arbitrary code as the user running Mozilla. (CVE-2006-2788) Users of Mozilla are advised to upgrade to this update, which contains SeaMonkey version 1.0.2 that is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 196971 - CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788) 198683 - CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2780, CVE-2006-2781) 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm ppc: b4cf123d709d46d5150962eb67abf700 seamonkey-1.0.2-0.1.0.EL3.ppc.rpm 14da09eb186efccd8ca3c23cb66f316d seamonkey-chat-1.0.2-0.1.0.EL3.ppc.rpm 6331f517155a5bb4d572c90f0f975f2a seamonkey-debuginfo-1.0.2-0.1.0.EL3.ppc.rpm 58596cc9f5ca02f71f33e3e10f8fd906 seamonkey-devel-1.0.2-0.1.0.EL3.ppc.rpm ea7e430989d0d435b1ec7467f3fb80d1 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ppc.rpm 6c48be8159be70eb982148152db0a2a6 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ppc.rpm dd40c7d1cbd8c965b4d1122e38ee0bc2 seamonkey-mail-1.0.2-0.1.0.EL3.ppc.rpm 7b189d2e7d5565c0374b80d0d918a635 seamonkey-nspr-1.0.2-0.1.0.EL3.ppc.rpm cacda140b54ee4fb9e36bf210825184a seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ppc.rpm 719ee516e9138f3bbca0e62bf7358985 seamonkey-nss-1.0.2-0.1.0.EL3.ppc.rpm 16a0da76d3eeabf94153afcdd5f7fdf9 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ppc.rpm s390: 9f9830f66e95027a8196f3814716e1cb seamonkey-1.0.2-0.1.0.EL3.s390.rpm a3f0a08bc16e9c3fd092ca14b0cd3122 seamonkey-chat-1.0.2-0.1.0.EL3.s390.rpm 6532490c2c144f9ded0d023f14d23461 seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390.rpm 686e30e1d7f9e2da1104e16bf3919d12 seamonkey-devel-1.0.2-0.1.0.EL3.s390.rpm 5fadb2060f2a62af9c8f912c82433c37 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.s390.rpm 6545d7e7b0a360a3b08807c17f12ebe4 seamonkey-js-debugger-1.0.2-0.1.0.EL3.s390.rpm 6d7915768b31523e3c764e646e53d4d4 seamonkey-mail-1.0.2-0.1.0.EL3.s390.rpm 19549dc1b8c168d96d71d23f795abe29 seamonkey-nspr-1.0.2-0.1.0.EL3.s390.rpm 623e11a754c9618806bf75c37f043853 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.s390.rpm 7f50c7aa247209118565883e755c1a6c seamonkey-nss-1.0.2-0.1.0.EL3.s390.rpm 107e118d82f58c5e67d85c586689fdc5 seamonkey-nss-devel-1.0.2-0.1.0.EL3.s390.rpm s390x: 8f15d08911c6f86d2053a25f5551c2e0 seamonkey-1.0.2-0.1.0.EL3.s390x.rpm 267406f1e669245d0865a3c99711defb seamonkey-chat-1.0.2-0.1.0.EL3.s390x.rpm 6532490c2c144f9ded0d023f14d23461 seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390.rpm f11aabe13123313135c35f286ff4191a seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390x.rpm 532931ca70eeb234c8ff94f27513af82 seamonkey-devel-1.0.2-0.1.0.EL3.s390x.rpm 1b8a357a1373ca0b95dd239e2c3919af seamonkey-dom-inspector-1.0.2-0.1.0.EL3.s390x.rpm 487ac1817390bc95a070cc463f3844eb seamonkey-js-debugger-1.0.2-0.1.0.EL3.s390x.rpm 5e06808fb3dff165f686ba26ef4835be seamonkey-mail-1.0.2-0.1.0.EL3.s390x.rpm 19549dc1b8c168d96d71d23f795abe29 seamonkey-nspr-1.0.2-0.1.0.EL3.s390.rpm 5de0519382b91c731a33e32fd4cf0393 seamonkey-nspr-1.0.2-0.1.0.EL3.s390x.rpm b8c7b29d8ba439cb826cad8d624b4db4 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.s390x.rpm 7f50c7aa247209118565883e755c1a6c seamonkey-nss-1.0.2-0.1.0.EL3.s390.rpm af5c707597318d62e4236c5bedfcd4ee seamonkey-nss-1.0.2-0.1.0.EL3.s390x.rpm 9f13fc39e28a8c2e3ef43b52e6f3f89d seamonkey-nss-devel-1.0.2-0.1.0.EL3.s390x.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2788 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEv4pQXlSAg2UNWIIRAn/PAKCKtIn2+3WIa8v20D3hhIYxYC3hbACePmBV LKRJI+9klxRMhG8FBbgHPaM= =EQcr - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBRMAs/Sh9+71yA2DNAQL/QQP/WTLkqb9sPoixziZFVffcxv93BNYzn2SX I3rikpeo3RxQYPJQpCSgDppRSi1ZtJvZf1VsF/MvBV7CssNUTP3rWXAGHBJzrOoj 1KzCc5Z7lr9TY8o6WtQcDcOPJf6d4aOlgaTwKBElnjqxXkrMAFqKUFo4jjJizqvZ DgyPtn/JG5M= =RLEo -----END PGP SIGNATURE-----