openSUSE Security Update: Security update for seamonkey ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:1588-1 Rating: important References: Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for seamonkey fixes the following issues: update to SeaMonkey 2.53.10.1 * Security fix for NSS code bug 1737470. * Only use networks and servers in lower case in ChatZilla bug 1742502. * Change classic form icon in SeaMonkey composer bug 1710915. * Addition fixes for SeaMonkey 32x32 default icons on Windows and macOS bug 1729153. * SeaMonkey 2.53.10.1 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.10.1 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. * Additional important security fixes up to Current Firefox 91.4 ESR and a few enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. update to SeaMonkey 2.53.10 * Minor fixes for testdisplay command in ChatZilla bug 1727976. * Show CTCP requests (excluding ACTION and DCC) bug 1722156. * IRCv3: Add support for server-time bug 1724586. * Add localization note for network editor dialog width in ChatZilla bug 1727977. * IRCv3: Add support for extended-join and account-notify bug 1722159. * Add ability to collapse message groups in ChatZilla bug 1724588. * Fix JS strict warnings in unescapeTagValue in ChatZilla bug 1727989. * IRCv3: Add support for invite-notify bug 1722161. * IRCv3: Add support for batch bug 1724589. * Fix JS strict warning in addHistory in cZ static.js bug 1727992. * IRCv3: Add support for cap-notify bug 1722162. * Stop using canonical name as collection keys in ChatZilla bug 1728025. * IRCv3: Add support for TLS and STS bug 1722166. * Helper function for renaming irc server properties in ChatZilla bug 1728027. * IRCv3: Add support for MONITOR bug 1722174. * Remove use of msg.commasp in ChatZilla bug 1726965. * Allow shiftKey to modify behaviour of link clicking in cZ bug 1713458. * IRCv3: Add support for echo-message bug 1722211. * In ChatZilla make /commands return all matches starting with pattern bug 1726966. * Use SeaMonkey prefs to determine how links behave in cZ bug 1713467. * Allow parameters to be localised in ChatZilla bug 1724105. * Add identify command to cZ and hook into password management bug 1713470. * IRCv3.1: Implement SASL with PLAIN mechanism bug 1717545. * IRCv3: Add support for message tags bug 1724584. * Add last read message divider to ChatZilla bug 1729159. * IRCv3: Add support for account-tag bug 1724585. * Missing option "text encoding Unicode/UTF-8" in preferences - Mailnews bug 1679260. * Detect Crashreporter using AppConstants in SeaMonkey bug 1735236. * Link about LEGACY extensions in Add-ons Manager is broken bug 1656797. * Update help for clear private data preferences and dialog bug 1728911. * Fix typo in cs_nav_prefs_appearance bug 1737473. * Drop leftover "Edit Menu" comment from messageWindow.xul and addressbook.xul bug 1725121. * Add dummy tab routines to SeaMonkey mailnews tab browser bug 1735243. * Folder pane and tab/window title not updated correctly when opening in new tab bug 1726940. * Allow mail tab bar to be controlled separately to browser tab bar bug 1724515. * Copy any user set values for new mail.tabs prefs bug 1729165. * Merge Master Passwords and Passwords pref panes into a single pref pane bug 1728099. * Move warning about redirection pref from Content to Privacy & Security pane bug 1728185. * Move website icons prefs from content pref pane to browser pref pane bug 1727425. * Move browser / mailnews system integration prefs into advanced pane bug 1727659. * Have separate opentabfor.middleclick for mailnews bug 1727948. * Add removeBrowser helper for tabbrowser bug 1730391. * Put <browser> in a <stack> so it's easy to overlay bug 1730392. * Allow browser focus to be avoided bug 1720003. * SeaMonkey 32x32 default icon has light stripe at the bottom bug 1729153. * Support <input type=time> and <input type=date> in SeaMonkey bug 1730408. * Middleclick on browser tab handled twice (closes tab and loads URL from primary or clipboard) bug 1734407. * Unable to create a new "Saved Search Folder" using "Save View as a Folder..." bug 1738669. * Enable compression for standard http connections bug 1728996. * Support VS2022 for compiling under Windows bug 1728988. * SeaMonkey 2.53.10 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.10 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. * Additional important security fixes up to Current Firefox 78.15 ESR and a few enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. update to SeaMonkey 2.53.9.1 * Fix the lazy loading of images from some websites bug 1727967. * Move certain font family defaults from serif to sans serif bug 1727982. * SeaMonkey 2.53.9.1 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.9.1 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. * Additional important security fixes up to Current Firefox 78.14 ESR and a few enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. update to SeaMonkey 2.53.9 * There is now an option to clear browser history during shutdown bug 1621445. * Uninstall plugin command for ChatZilla bug 541719. * Update icons used in ChatZilla status bar bug 1710238 and bug 1710249. * Make ChatZilla understand mIRC color code 99 bug 1710298. * Implement IRCv3 basic CAP negotiation bug 1717539 and CAP LIST and update CAP ACK and CAP LS bug 1710313. * Use Unicode instead of images for emojis in ChatZilla bug 1711375 and add some extra emojis bug 1711376. * Use SeaMonkey's configured web search rather than a separate one in ChatZilla bug 1712498. * Add a networks editor to ChatZilla bug 1716232. * Implement IRCv3 away-notify bug 1717543, chghost and userhost-in-names bug 1717544, self-messaging bug 1722212 and WHOX bug 1722214. * Link to SeaMonkey website in debugQA for verification sites and development section bug 1685606. * Send button should be disable until we have a recipient bug 104973. * Remove need to use a modifier for marking messages as unread bug 1719216. * SeaMonkey 2.53.9 uses the same backend as Firefox and contains the relevant Firefox 60.8 security fixes. * SeaMonkey 2.53.9 shares most parts of the mail and news code with Thunderbird. Please read the Thunderbird 60.0 release notes for specific changes and security fixes in this release. * Additional important security fixes up to Current Firefox 78.13 ESR and a few enhancements have been backported. We will continue to enhance SeaMonkey security in subsequent 2.53.x beta and release versions as fast as we are able to. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2021-1588=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 i586 x86_64): seamonkey-2.53.10.1-bp153.10.1 seamonkey-dom-inspector-2.53.10.1-bp153.10.1 seamonkey-irc-2.53.10.1-bp153.10.1 References: