CESA-2011:1244 -- centos 4 i386 seamonkeyID: oval:org.secpod.oval:def:201622 | Date: (C)2012-01-31 (M)2018-05-10 |
Class: PATCH | Family: unix |
SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in SeaMonkey; however, affected certificates issued after this date cannot be re-enabled or used. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.