SeaMonkey Closes Security Holes

Tuesday, June 12, 2012 @ 03:06 PM gHale


Mozilla’s SeaMonkey Project unveiled version 2.10 of its open source “all-in-one Internet application suite.”

Like the recent Firefox and Thunderbird updates, the new version of SeaMonkey closes seven security holes, four of which rate as critical. These include a buffer overflow and use-after-free issues, as well as a privilege escalation problem in the Mozilla Updater and various memory safety hazards. High impact information disclosure and Content Security Policy inline-script bypass bugs and moderate parsing errors also ended up fixed.

RELATED STORIES
DoS Tool Takes Out Web Host
Google Rolls Out Attack Warning
Google: Web Sites Hacked
Focus to Fix Sign-On Flaws

The new release contains relatively few SeaMonkey-specific changes. By default, the upgrade highlights the domain name in the location bar, and it is possible to configure the number of restored tabs under Preferences. Additionally, the authorization dialog windows combined in order to show which server is prompting for access credentials.

However, as the update is from the Gecko platform, it includes a number of the same improvements and features as Firefox 13, such as default support for the SPDY protocol for quicker browsing on supported sites. Support for the column-fill CSS property and the CSS turn unit, as well as experimental support for ECMAScript 6 Map and Set objects are among the other changes carried over.

A full list of new features, as well as known issues, is in the change log and in the release notes. SeaMonkey 2.10 is available to download in 26 languages for Windows, Mac OS X and Linux. On Windows, the minimum system requirements for SeaMonkey changed. SeaMonkey now requires Windows XP Service Pack 2 or later; Windows 2000 no longer receives support.



Leave a Reply

You must be logged in to post a comment.