Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey:
moz_bug_r_a4 discovered a privilege escalation vulnerability in addon handling.
Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could lead to cross-site scripting.
The oldstable distribution (lenny) is not affected. The iceape package only provides the XPCOM code.
For the stable distribution (squeeze), this problem has been fixed in version 2.0.11-9.
For the unstable distribution (sid), this problem has been fixed in version 2.0.14-9.
We recommend that you upgrade your iceape packages.