Advisories » MGASA-2017-0323

Updated iceape packages fix security vulnerabilities

Publication date: 01 Sep 2017
Modification date: 01 Sep 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2016-5287 , CVE-2016-5288 , CVE-2016-5289 , CVE-2016-5290 , CVE-2016-5292 , CVE-2016-5297 , CVE-2016-9064 , CVE-2016-9066 , CVE-2016-9067 , CVE-2016-9068 , CVE-2016-9075 , CVE-2016-9077 , CVE-2016-5291 , CVE-2016-9063 , CVE-2016-9070 , CVE-2016-9071 , CVE-2016-9073 , CVE-2016-9076 , CVE-2016-9078 , CVE-2016-9080 , CVE-2016-9893 , CVE-2016-9894 , CVE-2016-9895 , CVE-2016-9896 , CVE-2016-9897 , CVE-2016-9898 , CVE-2016-9899 , CVE-2016-9900 , CVE-2016-9901 , CVE-2016-9902 , CVE-2016-9903 , CVE-2016-9904 , CVE-2017-5373 , CVE-2017-5374 , CVE-2017-5375 , CVE-2017-5376 , CVE-2017-5377 , CVE-2017-5378 , CVE-2017-5379 , CVE-2017-5380 , CVE-2017-5381 , CVE-2017-5382 , CVE-2017-5383 , CVE-2017-5384 , CVE-2017-5385 , CVE-2017-5386 , CVE-2017-5387 , CVE-2017-5388 , CVE-2017-5389 , CVE-2017-5390 , CVE-2017-5391 , CVE-2017-5393 , CVE-2017-5396

Description

Updated Iceape packages include security fixes from upstream Seamonkey:

Multiple flaws were found in the way Iceape 2.46 processes various types
of web content, where loading a web page containing malicious content
could cause Iceape to crash, execute arbitrary code, or disclose
sensitive information. (CVE-2016-5287, CVE-2016-5288, CVE-2016-5289,
CVE-2016-5290, CVE-2016-5292, CVE-2016-5297, CVE-2016-9064,
CVE-2016-9066, CVE-2016-9067, CVE-2016-9068, CVE-2016-9075,
CVE-2016-9077, CVE-2016-5291, CVE-2016-9063, CVE-2016-9070,
CVE-2016-9071, CVE-2016-9073, CVE-2016-9076, CVE-2016-9078,
CVE-2016-9080, CVE-2016-9893, CVE-2016-9894, CVE-2016-9895,
CVE-2016-9896, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899,
CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9903,
CVE-2016-9904, CVE-2017-5373, CVE-2017-5374, CVE-2017-5375,
CVE-2017-5376, CVE-2017-5377, CVE-2017-5378, CVE-2017-5379,
CVE-2017-5380, CVE-2017-5381, CVE-2017-5382, CVE-2017-5383,
CVE-2017-5384, CVE-2017-5385, CVE-2017-5386, CVE-2017-5387,
CVE-2017-5388, CVE-2017-5389, CVE-2017-5390, CVE-2017-5391,
CVE-2017-5393, CVE-2017-5396)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21637
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/
• https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/
• https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5287
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5288
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5289
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5292
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9067
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9068
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9075
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9077
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9070
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9071
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9073
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9076
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9078
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9080
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9893
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9894
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9895
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9896
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9897
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9898
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9899
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9900
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9901
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9902
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9903
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9904
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5373
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5374
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5375
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5376
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5377
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5378
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5379
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5380
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5381
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5382
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5383
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5384
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5385
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5386
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5387
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5388
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5389
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5390
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5391
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5393
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5396

SRPMS

5/core

• iceape-2.48-1.mga5

6/core

• iceape-2.48-1.mga6