Security Bug in Konqueror, Updates for Seamonkey & Co
Following Firefox and Thunderbird, a known URL security bug was closed in the Seamonkey browser suite in August. A similar bug has now been found in Konqueror.
The current security bug in Konqueror could let attackers display an arbitrary website while the URL bar continues to show a trusted website status. The bug in the "setInterval()" function, which was discovered by Robert Swiecki, affects Konqueror version 3.5.7-01 in Fedora Core 6e according to security investigators Secunia. Other versions included with other distributions might also be affected. A patch is not currently available for the bug, which was classified as non-critical. Users with an affected version should avoid untrusted websites until a patch becomes available.
Three security holes have been closed in Mozilla Seamonkey; two of them also affected the Firefox browser and the Thunderbird email client. One of these bugs, which only affects Windows systems with Internet Explorer, gave attackers the ability to launch arbitrary executables in all three products by means of a specially crafted URL. Other applications are also said to be affected by the bug.
The two other bugs affect Linux systems and are disclosed in bug reports on mozilla.org. One bug occurred with add-ons that open an "about:blank" page. The second gave attackers the ability to execute malicious code by means of a specially crafted URL. Updated versions of all three Mozilla products are available from mozilla.org.
Issue 210/2018
Buy this issue as a PDF
News
-
Red Hat Enterprise Linux 7.5 Released
The latest release is focused on hybrid cloud.
-
Microsoft Releases a Linux-Based OS
The company is building a new IoT environment powered by Linux.
-
Solomon Hykes Leaves Docker
In a surprise move, Solomon Hykes, the creator of Docker has left the company.
-
Red Hat Celebrates 25th Anniversary with a New Code Portal
The company announces a GitHub page with links to source code for all its projects
-
Gnome 3.28 Released
The latest GNOME rolls out with better contact management and new features for handling virtual machines.
-
Install Firefox in a Snap on Linux
Mozilla has picked the Snap package system to deliver its application to Linux users.
-
OpenStack Queens Released
The new release comes with new features for mission critical workloads.
-
Kali Linux Comes to Windows
The Kali Linux developers even managed to run full blown XFCE desktop via WSL.
-
Ubuntu to Start Collecting Some Data with Ubuntu 18.04
It will be an ‘opt-out’ feature.
-
CNCF Illuminates Serverless Vision
The Cloud Native Computing Foundation announces a paper describing their model for a serverless ecosystem.