Bug 218692 - www/seamonkey vulnerabilities
Summary: www/seamonkey vulnerabilities
Status: Closed Not A Bug
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-gecko (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-04-16 21:27 UTC by lumiwa
Modified: 2017-04-17 08:24 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description lumiwa 2017-04-16 21:27:38 UTC 
I ma using Seamonkey web browser 2.46 and there are multiple vulnerabilities long time:
pkg audit
seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2016-9077
CVE: CVE-2016-9076
CVE: CVE-2016-9075
CVE: CVE-2016-9074
CVE: CVE-2016-9073
CVE: CVE-2016-9072
CVE: CVE-2016-9071
CVE: CVE-2016-9070
CVE: CVE-2016-9068
CVE: CVE-2016-9067
CVE: CVE-2016-9066
CVE: CVE-2016-9065
CVE: CVE-2016-9064
CVE: CVE-2016-9063
CVE: CVE-2016-9062
CVE: CVE-2016-9061
CVE: CVE-2016-5299
CVE: CVE-2016-5298
CVE: CVE-2016-5297
CVE: CVE-2016-5296
CVE: CVE-2016-5295
CVE: CVE-2016-5294
CVE: CVE-2016-5293
CVE: CVE-2016-5292
CVE: CVE-2016-5291
CVE: CVE-2016-5290
CVE: CVE-2016-5289
WWW: https://vuxml.FreeBSD.org/freebsd/d1853110-07f4-4645-895b-6fd462ad0589.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2017-5396
CVE: CVE-2017-5395
CVE: CVE-2017-5394
CVE: CVE-2017-5393
CVE: CVE-2017-5392
CVE: CVE-2017-5391
CVE: CVE-2017-5390
CVE: CVE-2017-5389
CVE: CVE-2017-5388
CVE: CVE-2017-5387
CVE: CVE-2017-5386
CVE: CVE-2017-5385
CVE: CVE-2017-5384
CVE: CVE-2017-5383
CVE: CVE-2017-5382
CVE: CVE-2017-5381
CVE: CVE-2017-5380
CVE: CVE-2017-5379
CVE: CVE-2017-5378
CVE: CVE-2017-5377
CVE: CVE-2017-5376
CVE: CVE-2017-5375
CVE: CVE-2017-5374
CVE: CVE-2017-5373
WWW: https://vuxml.FreeBSD.org/freebsd/e60169c4-aa86-46b0-8ae2-0d81f683df09.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2016-9893
CVE: CVE-2016-9080
CVE: CVE-2016-9903
CVE: CVE-2016-9902
CVE: CVE-2016-9901
CVE: CVE-2016-9904
CVE: CVE-2016-9900
CVE: CVE-2016-9898
CVE: CVE-2016-9897
CVE: CVE-2016-9896
CVE: CVE-2016-9895
CVE: CVE-2016-9899
CVE: CVE-2016-9894
WWW: https://vuxml.FreeBSD.org/freebsd/512c0ffd-cd39-4da4-b2dc-81ff4ba8e238.html

seamonkey-2.46_8 is vulnerable:
mozilla -- multiple vulnerabilities
CVE: CVE-2017-5398
CVE: CVE-2017-5399
CVE: CVE-2017-5422
CVE: CVE-2017-5421
CVE: CVE-2017-5405
CVE: CVE-2017-5420
CVE: CVE-2017-5419
CVE: CVE-2017-5418
CVE: CVE-2017-5427
CVE: CVE-2017-5426
CVE: CVE-2017-5425
CVE: CVE-2017-5417
CVE: CVE-2017-5416
CVE: CVE-2017-5415
CVE: CVE-2017-5414
CVE: CVE-2017-5413
CVE: CVE-2017-5412
CVE: CVE-2017-5408
CVE: CVE-2017-5409
CVE: CVE-2017-5411
CVE: CVE-2017-5410
CVE: CVE-2017-5407
CVE: CVE-2017-5406
CVE: CVE-2017-5404
CVE: CVE-2017-5403
CVE: CVE-2017-5402
CVE: CVE-2017-5401
CVE: CVE-2017-5400
WWW: https://vuxml.FreeBSD.org/freebsd/96eca031-1313-4daf-9be2-9d6e1c4f1eb5.html

1 problem(s) in the installed packages found.

Is it safe to use it or i better to find another browser, please?
Comment 1 Jan Beich freebsd_committer freebsd_triage 2017-04-17 08:24:31 UTC 
"pkg audit" reports vulnerabilities in the Gecko engine shared with Firefox. How many of those affect SeaMonkey is unclear but certainly not zero. Better ask upstream.

https://lists.mozilla.org/listinfo/support-seamonkey