Detections
Analytics

Fedora 31 : seamonkey (2020-bf6ca75fec)

high Nessus Plugin ID 134334

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

Upgrade to 2.53.1

SeaMonkey-2.53.1, being initially based on the Firefox-56 and Thunderbird-56 code, incorporates now a lot of backported features and security fixes from the newer Firefox/Thunderbird versions up to 75.
That way it tries to be a modern browser, preserving the same time the familiar user interface and the ability to use traditional extensions and addons.

This version makes changes to your profile that can't be reverted in case you want to go back to a previous version of SeaMonkey. You MUST absolutely do a full backup of your profile (~/.mozilla/seamonkey/ dir) BEFORE trying to run new version.

SeaMonkey now uses GTK3 library for GUI interface. If you experienced some size issues, go to 'about:config' and try to set 'layout.css.devPixelsPerPx' preference to '1' (or any other preferred value). You can also use gtk3's environment variables GDK_SCALE and/or GDK_DPI_SCALE (useful for HiDPI displays). Since Classic theme uses system desktop theme, it might behaves incorrectly when the underlying theme (still) does not support gtk3.

Full theme add-ons may need changes because of user interface and internal changes. If you find any problem with themes, contact the theme author. Before reporting a problem with the user interface, please make sure to recreate it with either the Classic or Modern theme.

This version now includes 'Lightning' calendar. It becomes a standard part of Thunderbird/SeaMonkey, being just technically organized as an extension. This version returns providing of Chatzilla and DOM inspector extensions, just as it always was before.

It is likely you need to update your third-party extensions to newer versions. Poorly designed or incompatible extensions can cause unpredictable problems. If you encounter some strange issues, try 'seamonkey -safe-mode' from command line.

Unfortunately, it is now impossible to continue support of npapi plugins. Thus, java applets no more work :( . All modern browsers have dropped such support years ago, and even plugin owners recommend to not use it anymore. Search 'browsers with java support' if you still need it. Sorry for that. Flash is still supported, at least until its EOL at the end of 2020.

Since 2.53.1, 32-bit version (i686 arch) does not provided, because no more supported.

The old format of keys and certificates storage in the user profiles still preserved in Fedora. DO NOT TOUCH key3.db and cert8.db files (as it might be recommended in the upstream release notes) -- they still works as expected.

Please, read upstream release notes for more info https://www.seamonkey-project.org/releases/seamonkey2.53.1/

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected seamonkey package.

See Also

https://bodhi.fedoraproject.org/updates/FEDORA-2020-bf6ca75fec

https://www.seamonkey-project.org/releases/seamonkey2.53.1/

Plugin Details

Severity: High

ID: 134334

File Name: fedora_2020-bf6ca75fec.nasl

Version: 1.1

Type: local

Agent: unix

Published: 3/9/2020

Updated: 3/9/2020

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:seamonkey, cpe:/o:fedoraproject:fedora:31

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 3/8/2020

Vulnerability Publication Date: 3/8/2020

Reference Information