[email protected] wrote on 13/10/2016 08:06:
There's at least one security vulnerability that is missing from this NSS
version: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
There was a bugfix in NSS https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
to solve this issue but unfortunately it seems that this bugfix is not in
3.20.x according to the developer entries. I didn't check the code yet if the
bugfix is really missing!
So my question is why seamonkey uses still this outdated NSS version? It should
use at least 3.21.1 (that is in latest firefox esr /45.4.0/ and also in latest
thunderbird /45.4.0/)
As a workaround i can copy the nss libraries from firefox esr to seamonkey
until a security release of seamonkey let's say 2.40.1 arrives. I tried this
end i can start seamonkey with newer NSS library because they're compatible.
"As a workaround i can copy the nss libraries from firefox esr to
seamonkey "
Could you tell us what we need (in details) to do ?
I have Firefox 46.0.1 and SeaMonkey 2.40 on a windows pc.
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
