SeaMonkey 1.1.18 closes security holes
The Mozilla SeaMonkey developers have released an update to SeaMonkey 1.1.x to close a number of security vulnerabilities in the integrated browser, email, newsgroup reader and HTML editing application. The two critical vulnerabilities are a heap overflow when parsing certificates, reported by Moxie Marlinspike and an SSL compromise, reported by Dan Kaminsky. These vulnerabilities were addressed in Firefox and Thunderbird in August.
The SeaMonkey developers urge all users of older versions of SeaMonkey, and users of the older Mozilla Suite or Netscape 4,6 or 7, to upgrade to SeaMonkey 1.1.18. SeaMonkey is available to download for Windows, Linux or Mac OS X. Release notes are available, covering the installation/upgrade process. SeaMonkey is licensed under a MPL/GPL/LGPL tri-licence.