Security Update for Mozilla Mail Products
Security fixes address a few vulnerabilities in Mozilla Thunderbird and SeaMonkey.
Mozilla Foundation Security Advisory MFSA-2009-33 reports security problems in Thunderbird mailer and mail components in the SeaMonkey suite. Crashes could occur from viewing messages with a multipart/alternative content type with a text/enhanced part, leading to a possible exploitation. Mozilla considers the impact "high."
An update for Thunderbird 2.0.0.22 solves this problem along with a few others of lesser impact. SeaMonkey users should resort to a 1.1.17 download, as this version resolves three other vulnerabilities of a "critical" impact. Among them are a crash with a memory corruption and JavaScript code given too high a privilege.
Issue 163/2014
Buy this issue as a PDF
Digital Issue: Price $9.99
(incl. VAT)
Tag Cloud
News
-
KDE Announces Software Compilation 4.13
New release comes with better semantic search and improvements to Kontact.
-
Coverity: Open Source Code has Fewer Defects
Annual code quality report shows FOSS is more secure at all project size levels.
-
An Even Smaller Raspberry Pi
The Raspberry Pi Foundation has announced an even smaller version of the tiny computer that will fit into a DIMM slot.
-
Freaky Privilege Escalation Attack
A new class of problems lets a malicious app pre-configure an invisible privilege update.
-
Facebook Rolls Out New PHP-like Programming Language
New Hack language adds static typing and other conveniences.
-
Fedora Announces Innovative Crytography Policy System
New crypto policy system will offer easier configuration and more uniform security.
-
Shuttleworth Calls for Declarative Firmware
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
-
New TLS Attack Takes the S out of HTTPS
Vulnerability affects many Linux web servers
-
Munich Adopts Kolab
The Bavarian capital shuns Microsoft, Google, and other alternatives to implement an open source groupware solution.
-
Canonical Announces Ubuntu Smartphones
Phone vendor partnerships bring Mark Shuttleworth's dream of Ubuntu on a phone a step closer to reality.