Security Bug in Konqueror, Updates for Seamonkey & Co
Following Firefox and Thunderbird, a known URL security bug was closed in the Seamonkey browser suite in August. A similar bug has now been found in Konqueror.
The current security bug in Konqueror could let attackers display an arbitrary website while the URL bar continues to show a trusted website status. The bug in the "setInterval()" function, which was discovered by Robert Swiecki, affects Konqueror version 3.5.7-01 in Fedora Core 6e according to security investigators Secunia. Other versions included with other distributions might also be affected. A patch is not currently available for the bug, which was classified as non-critical. Users with an affected version should avoid untrusted websites until a patch becomes available.
Three security holes have been closed in Mozilla Seamonkey; two of them also affected the Firefox browser and the Thunderbird email client. One of these bugs, which only affects Windows systems with Internet Explorer, gave attackers the ability to launch arbitrary executables in all three products by means of a specially crafted URL. Other applications are also said to be affected by the bug.
The two other bugs affect Linux systems and are disclosed in bug reports on mozilla.org. One bug occurred with add-ons that open an "about:blank" page. The second gave attackers the ability to execute malicious code by means of a specially crafted URL. Updated versions of all three Mozilla products are available from mozilla.org.
Issue 245/2021
Buy this issue as a PDF
News
-
OpenMandriva Lx 4.2 has Arrived
The latest stable version of OpenMandriva has been released and offers the newest KDE desktop and ARM support.
-
Thunderbird 78 is being ported to Ubuntu 20.04
The Ubuntu developers have made the decision to port the latest release of Thunderbird to the LTS version of the platform.
-
Elementary OS is Bringing Multi-Touch Gestures to the OS
User-friendly Linux distribution, elementary OS, is working to make using the fan-favorite platform even better for laptops.
-
Decade-Old Sudo Flaw Discovered
A vulnerability has been discovered in the Linux sudo command that’s been hiding in plain sight.
-
Another New Linux Laptop has Arrived
Slimbook has released a monster of a Linux gaming laptop.
-
Mozilla VPN Now Available for Linux
The promised subscription-based VPN service from Mozilla is now available for the Linux platform.
-
Wayland and New App Menu Coming to KDE
The 2021 roadmap for the KDE desktop environment includes some exciting features and improvements.
-
Deepin 20.1 has Arrived
Debian-based Deepin 20.1 has been released with some interesting new features.
-
CloudLinux Commits Over 1 Million Dollars to CentOS Replacement
An open source, drop-in replacement for CentOS is on its way.
-
Linux Mint 20.1 Beta has Been Released
The first beta of Linux Mint, Ulyssa, is now available for downloading.