Security Bug in Konqueror, Updates for Seamonkey & Co
Following Firefox and Thunderbird, a known URL security bug was closed in the Seamonkey browser suite in August. A similar bug has now been found in Konqueror.
The current security bug in Konqueror could let attackers display an arbitrary website while the URL bar continues to show a trusted website status. The bug in the "setInterval()" function, which was discovered by Robert Swiecki, affects Konqueror version 3.5.7-01 in Fedora Core 6e according to security investigators Secunia. Other versions included with other distributions might also be affected. A patch is not currently available for the bug, which was classified as non-critical. Users with an affected version should avoid untrusted websites until a patch becomes available.
Three security holes have been closed in Mozilla Seamonkey; two of them also affected the Firefox browser and the Thunderbird email client. One of these bugs, which only affects Windows systems with Internet Explorer, gave attackers the ability to launch arbitrary executables in all three products by means of a specially crafted URL. Other applications are also said to be affected by the bug.
The two other bugs affect Linux systems and are disclosed in bug reports on mozilla.org. One bug occurred with add-ons that open an "about:blank" page. The second gave attackers the ability to execute malicious code by means of a specially crafted URL. Updated versions of all three Mozilla products are available from mozilla.org.
Issue 191/2016
Buy this issue as a PDF
News
-
Nextcloud Announces Raspberry Pi-Powered Home Cloud Box
Innovative system adds a hard drive and Ubuntu Core to the RPi for an IoT hub.
-
Linus Torvalds Confirms the Date of the First Linux Release
Linux is two weeks younger than we thought!
-
End of OpenOffice?
The Apache Software Foundation considers retiring OpenOffice
-
Adobe Gives New Life to NPAPI Plugin for Linux
Adobe won’t kill the plugin in 2017
-
LinuxCon North America Convenes in Toronto, Canada
Linux Foundation's big event celebrates the 25th anniversary of Linux
-
Linux Turns 25
Linux has evolved from “won’t be a professional” project to one of the most professional software projects in the history of computers.
-
Mirantis Joins Hands with SUSE To Offer RHEL Support; Red Hat Not Happy
Competitors get in the game with RHEL without Red Hat
-
Linux on Windows 10 Poses a Security Risk
Security researchers have already notified Microsoft; some fixes are available
-
Mirantis to Refactor OpenStack Fuel for Kubernetes
The company is collaborating with Google and Intel to use Kubernetes as an engine for Fuel
-
Canonical Joins Document Foundation Advisory Board
The upcoming release of LibreOffice will be available as a snap package