ID SSA-2012-166-03 Type slackware Reporter Slackware Linux Project Modified 2012-06-14T23:45:45
Description
New mozilla-thunderbird packages are available for Slackware 13.37,
and -current to fix security issues.
Here are the details from the Slackware 13.37 ChangeLog:
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
( Security fix )
Where to find the new packages:
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-thunderbird-13.0-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-thunderbird-13.0-x86_64-1_slack13.37.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-13.0-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-13.0-x86_64-1.txz
Upgrade the packages as root:
> upgradepkg mozilla-thunderbird-13.0-i486-1_slack13.37.txz
{"id": "SSA-2012-166-03", "type": "slackware", "bulletinFamily": "unix", "title": "[slackware-security] mozilla-thunderbird", "description": "New mozilla-thunderbird packages are available for Slackware 13.37,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 13.37 ChangeLog:\n\nThis release contains security fixes and improvements.\n For more information, see:\n http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-thunderbird-13.0-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-thunderbird-13.0-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-13.0-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-13.0-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.37 package:\n4f24470dbdad582e8e11fdaf12c2c43d mozilla-thunderbird-13.0-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n40a1091b5ede6aab3e00370bd5e546ca mozilla-thunderbird-13.0-x86_64-1_slack13.37.txz\n\nSlackware -current package:\n0b374ed6606ce0b27da6010d634586b7 xap/mozilla-thunderbird-13.0-i486-1.txz\n\nSlackware x86_64 -current package:\na3b7194b9f2d1ac3537404b7f7a151b4 xap/mozilla-thunderbird-13.0-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg mozilla-thunderbird-13.0-i486-1_slack13.37.txz", "published": "2012-06-14T23:45:45", "modified": "2012-06-14T23:45:45", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.355681", "reporter": "Slackware Linux Project", "references": [], "cvelist": [], "lastseen": "2020-10-25T16:36:10", "viewCount": 0, "enchantments": {"score": {"value": 3.1, "vector": "NONE", "modified": "2020-10-25T16:36:10", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:71986", "OPENVAS:136141256231071986", "OPENVAS:136141256231071984", "OPENVAS:136141256231071985", "OPENVAS:136141256231071987", "OPENVAS:136141256231056966"]}, {"type": "nessus", "idList": ["SLACKWARE_SSA_2012-166-03.NASL"]}], "modified": "2020-10-25T16:36:10", "rev": 2}, "vulnersScore": 3.1}, "affectedPackage": [{"OS": "Slackware", "OSVersion": "13.37", "arch": "i486", "packageName": "mozilla-thunderbird", "packageVersion": "13.0", "packageFilename": "mozilla-thunderbird-13.0-i486-1_slack13.37.txz", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "13.37", "arch": "x86_64", "packageName": "mozilla-thunderbird", "packageVersion": "13.0", "packageFilename": "mozilla-thunderbird-13.0-x86_64-1_slack13.37.txz", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "current", "arch": "i486", "packageName": "mozilla-thunderbird", "packageVersion": "13.0", "packageFilename": "mozilla-thunderbird-13.0-i486-1.txz", "operator": "lt"}, {"OS": "Slackware", "OSVersion": "current", "arch": "x86_64", "packageName": "mozilla-thunderbird", "packageVersion": "13.0", "packageFilename": "mozilla-thunderbird-13.0-x86_64-1.txz", "operator": "lt"}]}
{"openvas": [{"lastseen": "2019-05-29T18:39:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2006-1173"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2006-166-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231056966", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231056966", "type": "openvas", "title": "Slackware Advisory SSA:2006-166-01 sendmail", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2006_166_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.56966\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2006-1173\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2006-166-01 sendmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2006-166-01\");\n script_xref(name:\"URL\", value:\"http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc\");\n script_xref(name:\"URL\", value:\"http://www.sendmail.com/security/advisories/SA-200605-01/faq.shtml\");\n\n script_tag(name:\"insight\", value:\"New sendmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0,\n10.1, 10.2, and -current to fix a possible denial-of-service issue.\n\nSendmail's complete advisory is linked in the references.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2006-166-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i386-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail\", ver:\"8.13.7-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"sendmail-cf\", ver:\"8.13.7-noarch-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-03-18T14:42:04", "bulletinFamily": "scanner", "cvelist": [], "description": "The remote host is missing an update as announced\nvia advisory SSA:2012-166-03.", "modified": "2019-03-15T00:00:00", "published": "2012-09-10T00:00:00", "id": "OPENVAS:136141256231071986", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071986", "type": "openvas", "title": "Slackware Advisory SSA:2012-166-03 mozilla-thunderbird", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2012_166_03.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2012-166-03\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71986\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:20 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2012-166-03 mozilla-thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK13\\.37\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2012-166-03\");\n\n script_tag(name:\"insight\", value:\"New mozilla-thunderbird packages are available for Slackware 13.37,\nand -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2012-166-03.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"13.0-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-03-18T14:42:25", "bulletinFamily": "scanner", "cvelist": [], "description": "The remote host is missing an update as announced\nvia advisory SSA:2012-166-02.", "modified": "2019-03-15T00:00:00", "published": "2012-09-10T00:00:00", "id": "OPENVAS:136141256231071987", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071987", "type": "openvas", "title": "Slackware Advisory SSA:2012-166-02 mozilla-firefox", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2012_166_02.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2012-166-02\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71987\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:20 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2012-166-02 mozilla-firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK13\\.37\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2012-166-02\");\n\n script_tag(name:\"insight\", value:\"New mozilla-firefox packages are available for Slackware 13.37, and -current to\nfix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2012-166-02.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"mozilla-firefox\", ver:\"13.0-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2017-07-24T12:51:14", "bulletinFamily": "scanner", "cvelist": [], "description": "The remote host is missing an update as announced\nvia advisory SSA:2012-166-03.", "modified": "2017-07-06T00:00:00", "published": "2012-09-10T00:00:00", "id": "OPENVAS:71986", "href": "http://plugins.openvas.org/nasl.php?oid=71986", "type": "openvas", "title": "Slackware Advisory SSA:2012-166-03 mozilla-thunderbird ", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2012_166_03.nasl 6581 2017-07-06 13:58:51Z cfischer $\n# Description: Auto-generated from advisory SSA:2012-166-03\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"New mozilla-thunderbird packages are available for Slackware 13.37,\nand -current to fix security issues.\";\ntag_summary = \"The remote host is missing an update as announced\nvia advisory SSA:2012-166-03.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2012-166-03\";\n \nif(description)\n{\n script_id(71986);\n script_version(\"$Revision: 6581 $\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:58:51 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:20 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2012-166-03 mozilla-thunderbird \");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-slack.inc\");\nvuln = 0;\nif(isslkpkgvuln(pkg:\"mozilla-thunderbird\", ver:\"13.0-i486-1_slack13.37\", rls:\"SLK13.37\")) {\n vuln = 1;\n}\n\nif(vuln) {\n security_message(0);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-03-18T14:41:47", "bulletinFamily": "scanner", "cvelist": [], "description": "The remote host is missing an update as announced\nvia advisory SSA:2012-166-04.", "modified": "2019-03-15T00:00:00", "published": "2012-09-10T00:00:00", "id": "OPENVAS:136141256231071985", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071985", "type": "openvas", "title": "Slackware Advisory SSA:2012-166-04 seamonkey", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2012_166_04.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2012-166-04\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71985\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:20 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2012-166-04 seamonkey\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK13\\.37\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2012-166-04\");\n\n script_tag(name:\"insight\", value:\"New seamonkey packages are available for Slackware 13.37, and -current to\nfix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2012-166-04.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"seamonkey\", ver:\"2.10-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"seamonkey-solibs\", ver:\"2.10-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1667", "CVE-2012-1033"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2012-166-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-10T00:00:00", "id": "OPENVAS:136141256231071984", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071984", "type": "openvas", "title": "Slackware Advisory SSA:2012-166-01 bind", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2012_166_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from advisory SSA:2012-166-01\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71984\");\n script_cve_id(\"CVE-2012-1033\", \"CVE-2012-1667\");\n script_tag(name:\"cvss_base\", value:\"8.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:C\");\n script_version(\"$Revision: 14202 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-09-10 07:16:20 -0400 (Mon, 10 Sep 2012)\");\n script_name(\"Slackware Advisory SSA:2012-166-01 bind\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(8\\.1|9\\.0|9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2|13\\.0|13\\.1|13\\.37)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2012-166-01\");\n\n script_tag(name:\"insight\", value:\"New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2012-166-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.4_ESV_R5-i386-2_slack8.1\", rls:\"SLK8.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i386-1_slack9.0\", rls:\"SLK9.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack13.0\", rls:\"SLK13.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack13.1\", rls:\"SLK13.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"bind\", ver:\"9.7.6_P1-i486-1_slack13.37\", rls:\"SLK13.37\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 8.5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-17T09:10:37", "description": "New mozilla-thunderbird packages are available for Slackware 13.37,\nand -current to fix security issues.", "edition": 21, "published": "2012-06-15T00:00:00", "title": "Slackware 13.37 / current : mozilla-thunderbird (SSA:2012-166-03)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": [], "modified": "2012-06-15T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux", "p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird"], "id": "SLACKWARE_SSA_2012-166-03.NASL", "href": "https://www.tenable.com/plugins/nessus/59509", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2012-166-03. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59509);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_xref(name:\"SSA\", value:\"2012-166-03\");\n\n script_name(english:\"Slackware 13.37 / current : mozilla-thunderbird (SSA:2012-166-03)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New mozilla-thunderbird packages are available for Slackware 13.37,\nand -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2012&m=slackware-security.355681\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d9ff03f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mozilla-thunderbird package.\"\n );\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:mozilla-thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.37\", pkgname:\"mozilla-thunderbird\", pkgver:\"13.0\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"mozilla-thunderbird\", pkgver:\"13.0\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"mozilla-thunderbird\", pkgver:\"13.0\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"mozilla-thunderbird\", pkgver:\"13.0\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}]}
