Re: Weird error on another Usenet server

[Paul B. Gallagher]

Mason83 wrote:


Hello,

I'm seeing this error on a different Usenet server:

A News (NNTP) error occurred: 441 437 No colon-space in
"Content-Language:" header

Sending of the message failed.

The message could not be posted because connecting to the news server
failed. The server may be unavailable or is refusing connections.
Please verify that your news server settings are correct and try
again.


As you say downthread, the field is present but empty.

What happens if you manually select a language (View | Encoding in the 
composition window)? Does SM 2.47 fill the field, or still leave it blank?


And what are your settings under Edit | Preferences | Mail & Newsgroups 
| Text encoding?


--
War doesn't determine who's right, just who's left.
--
Paul B. Gallagher

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: SM update status...

[Arnie Goetchius]

Mr. Ed wrote:
> On 12/03/16 10:24 AM, Gerd Schweizer wrote:
>> Paul B. Gallagher schrieb:
>>> Mr. Ed wrote:
>>>
 This morning when opening SM it automatically downloaded and
 installed the latest 2.47 (12/01).
>>>
>>> Really!?
>>>
>>> My SM 2.40, when asked manually to check for updates, says none are
>>> available.
>>>
>> Mine too
>>
> 
> As I stated, I was running 2.47 before the update.  The update installed an
> updated version of the 2.47 that I was running.  And yes, at the present time
> there is no update for 2.40
> 
Ditto
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Weird error on another Usenet server

[David E. Ross]

On 12/3/2016 2:45 PM, Mason83 wrote:
> On 03/12/2016 23:39, Mason83 wrote:
> 
>> On 03/12/2016 23:34, Mason83 wrote:
>>
>>> Hello,
>>>
>>> I'm seeing this error on a different Usenet server:
>>>
>>> A News (NNTP) error occurred: 441 437 No colon-space in "Content-Language:" 
>>> header
>>>
>>> Sending of the message failed.
>>>
>>> The message could not be posted because connecting to the news server
>>> failed. The server may be unavailable or is refusing connections.
>>> Please verify that your news server settings are correct and try
>>> again.
>>>
>>>
>>> Weird... I'll try again tomorrow. I'm wondering if this
>>> could be related to my recently upgrading to SM 2.47
>>
>> Indeed, if I look at this post, I see:
>>
>> "Content-Language:"
>>
>> in the headers.
>>
>> And the Usenet server is blocking me for that.
>>
>> SM 2.40 didn't transmit a Content-Language line.
>>
>> Is there an about:config I can tweak?
> 
> Even 2.46 didn't seem to add a Content-Language line.
> 
> This might be a 2.47 specific regression?
> 
> Fishing for info...
> 
> https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Language
> https://bugzilla.mozilla.org/buglist.cgi?quicksearch=content-language
> 
> Nothing jumps out at me :-(
> 
> Regards.
> 

My newgroup messages do NOT contain a Content-Language header field, but
I never see this problem with either of the two non-Mozilla NNTP servers
that I use.  I searched a few RFCs.  While I found definitions for the
Content-Language header field, I could not find any mandate for its use.

I suggest you contact the operator of the server that rejected your
messages and inquire why this is happening.

-- 
David E. Ross

The Crimea is Putin's Sudetenland.
The Ukraine will be Putin's Czechoslovakia.
See .
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Weird error on another Usenet server

[Mason83]

On 03/12/2016 23:39, Mason83 wrote:

> On 03/12/2016 23:34, Mason83 wrote:
> 
>> Hello,
>>
>> I'm seeing this error on a different Usenet server:
>>
>> A News (NNTP) error occurred: 441 437 No colon-space in "Content-Language:" 
>> header
>>
>> Sending of the message failed.
>>
>> The message could not be posted because connecting to the news server
>> failed. The server may be unavailable or is refusing connections.
>> Please verify that your news server settings are correct and try
>> again.
>>
>>
>> Weird... I'll try again tomorrow. I'm wondering if this
>> could be related to my recently upgrading to SM 2.47
> 
> Indeed, if I look at this post, I see:
> 
> "Content-Language:"
> 
> in the headers.
> 
> And the Usenet server is blocking me for that.
> 
> SM 2.40 didn't transmit a Content-Language line.
> 
> Is there an about:config I can tweak?

Even 2.46 didn't seem to add a Content-Language line.

This might be a 2.47 specific regression?

Fishing for info...

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Language
https://bugzilla.mozilla.org/buglist.cgi?quicksearch=content-language

Nothing jumps out at me :-(

Regards.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Weird error on another Usenet server

[Mason83]

On 03/12/2016 23:34, Mason83 wrote:

> Hello,
> 
> I'm seeing this error on a different Usenet server:
> 
> A News (NNTP) error occurred: 441 437 No colon-space in "Content-Language:" 
> header
> 
> Sending of the message failed.
> 
> The message could not be posted because connecting to the news server
> failed. The server may be unavailable or is refusing connections.
> Please verify that your news server settings are correct and try
> again.
> 
> 
> Weird... I'll try again tomorrow. I'm wondering if this
> could be related to my recently upgrading to SM 2.47

Indeed, if I look at this post, I see:

"Content-Language:"

in the headers.

And the Usenet server is blocking me for that.

SM 2.40 didn't transmit a Content-Language line.

Is there an about:config I can tweak?

Regards.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Weird error on another Usenet server

[Mason83]

Hello,

I'm seeing this error on a different Usenet server:

A News (NNTP) error occurred: 441 437 No colon-space in "Content-Language:" 
header

Sending of the message failed.

The message could not be posted because connecting to the news server failed. 
The server may be unavailable or is refusing connections. Please verify that 
your news server settings are correct and try again.


Weird... I'll try again tomorrow. I'm wondering if this
could be related to my recently upgrading to SM 2.47

Regards.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Lee]

On 12/3/16, Pat Connors  wrote:
> I am so confused!
>
> I get it that 2.40 SeaMonkey has some problems, not sure what they are
> other than vulnerabilities.

I'd say that's plenty enough of a problem.

The latest 0day has example code posted, so the script kiddies have it
-- which is probably why we have a brand new SeaMonkey 2.47 available
at
https://l10n.mozilla-community.org/~akalla/unofficial/seamonkey/nightly/latest-comm-release-windows32/

>  Someone said to 'Turn off javascript' but
> do not know how to do so.

 edit / preferences / advanced / scripts & plugins : remove the
checkmark next to enable javascript for browser

But unless you also use another browser or are using SeaMonkey just
for reading mail, turning off javascript isn't a reasonable
work-around.  I'm pretty extreme with 'no, I don't allow javascript'
but even so, there's still a few sites where I allow it.
Noscript is a reasonable compromise
  https://addons.mozilla.org/en-US/firefox/addon/noscript/
but it does break things, does "phone home", has a default whitelist I
disagree with, etc.
All of which can be worked around, but if you're not using it now it
is going to be a bit of a learning curve.

> Others are saying to use a later release not yet on SeaMonkey site and
> not use 2.40 at all.  Okay, I think I like this option but need the
> exact link to the windows 64 version that is okay to use.

Just curious - why do you want the 64 bit version?

If you're using SM 2.40 I'm pretty sure it's a 32 bit program, so your
safest bet is to use the 32 bit version here:
https://l10n.mozilla-community.org/~akalla/unofficial/seamonkey/nightly/latest-comm-release-windows32/seamonkey-2.47.en-US.win32.installer.exe

If you do want to use the 64 bit version, it's here
https://l10n.mozilla-community.org/~akalla/unofficial/seamonkey/nightly/latest-comm-release-windows64/seamonkey-2.47.en-US.win64.installer.exe

but know that by default it installs into a different place than your
old SeaMonkey, so uninstall the 2.40 version of SeaMonkey first.
Well.. actually second.  The first thing you should do is backup your
PC & maybe even create a restore point, then uninstall SeaMonkey &
finally install your new version of SeaMonkey


> Thanks in advance for making this clear for me.

Good luck!

Lee
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Mason83]

On 03/12/2016 20:47, Pat Connors wrote:
> I am so confused!
> 
> I get it that 2.40 SeaMonkey has some problems, not sure what they are 
> other than vulnerabilities.  Someone said to 'Turn off javascript' but 
> do not know how to do so.
> 
> Others are saying to use a later release not yet on SeaMonkey site and 
> not use 2.40 at all.  Okay, I think I like this option but need the 
> exact link to the windows 64 version that is okay to use.

Several people here are using Adrian's build.
https://l10n.mozilla-community.org/~akalla/unofficial/seamonkey/nightly/

And most people use NoScript to selectively enable Javascript
for a small number of trusted (white-listed) domains.

Regards.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Pat Connors]

I am so confused!

I get it that 2.40 SeaMonkey has some problems, not sure what they are 
other than vulnerabilities.  Someone said to 'Turn off javascript' but 
do not know how to do so.


Others are saying to use a later release not yet on SeaMonkey site and 
not use 2.40 at all.  Okay, I think I like this option but need the 
exact link to the windows 64 version that is okay to use.


Thanks in advance for making this clear for me.

--
Pat Connors
http://www.connorsgenealogy.com

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Richmond]

EE  writes:

> I am using a Tinderbox build of SM 2.47 quite happily.  It works for
> me pretty well.  It is also dated Dec 2, so hopefully has a patched
> Firefox core in it.  Also, some of the bugs that were present in 2.40
> are gone.

In this thread there are some test cases:

https://bugzilla.mozilla.org/show_bug.cgi?id=1321066

I am running SM 2.48a2 Aurora. Earlier today one of the cases was
crashing it (The one in comment 25). What I have done is disabled
loading images in SM. This stops the crash happening. Even if I enable
loading images from the image manager menu for the crash site, it still
doesn't crash.

There is some mention in the thread about "safe crashes" so I am not
sure if this crash is proof of vulnerability, but I will leave things as
they are for the moment.


___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[EE]

NoOp wrote:

On 12/2/2016 2:30 PM, NFN Smith wrote:

I'm watching discussions relating to the SVG exploit, and am a little
 confused about what steps I should take.

I'm one of the users that has stayed with 2.40, and for the most
part, I'm content to wait until a new release comes through the
normal update channel, although I am concerned about the number of
security fixes accumulating, that have been applied to Firefox and
Thunderbird.

Right now, the primary question would is whether there will be an
update to 2.40 to address the SVG exploit, or if it's going to take
moving to one of the later builds, to get that.

I've seen ewong's notes about what's happening with 2.46, 2.47, etc.,
 and I hope he's able to get a breakthrough soon. (Personally, I'm OK
 with dropping both Chatzilla and DOM). But it appears that nothing
is going to be coming down the official pipeline for a while.

Assuming that, what are the options?

- Stay with 2.40, and hope that most of the risk can be offset by use
of NoScript, as suggested by Frank-Rainer Grahl? I already run
NoScript, so I'm used to how that behaves.


Turn off javascript and leave it off until 2.40 is patched. Better yet,
turn off 2.40 until 2.40 is patched.



- Use one of Adrian Kalla's unofficial builds? If so, which build,
and what potential problems are there?


Yes, 2.47

- latest-comm-release-

- Something else?


Our organization uses mostly Firefox and Thunderbird, as preferred
clients. (I'm actually one of only a couple that use Seamonkey).


I HIGHLY recommend removing 2.40 from ALL work networks.
https://blog.mozilla.org/security/category/security/
https://www.mozilla.org/en-US/security/known-vulnerabilities/seamonkey/
o now compare to everything fixed in Firefox and Thunderbird since 2.40
was released:




We

have a fairly aggressive policy stance about requiring our users to
apply security updates promptly. I know that the last time there was
a break in Seamonkey development, one of our admins was questioning
me about whether Seamonkey is still supported -- at that time, I was
running the most current version, but it was already behind Firefox
development, and the current gap between releases is even larger. For
me, a temporary move from Seamonkey to Firefox isn't a huge thing,
but having to relocate my mail to Thunderbird is more painful, as I
still do nearly everything through POP.


Thunderbird handles POP just fine. You can run SeaMonkey and Thunderbird
side-by-side to check/test, Just load up Thunderbird

I am using a Tinderbox build of SM 2.47 quite happily.  It works for me 
pretty well.  It is also dated Dec 2, so hopefully has a patched Firefox 
core in it.  Also, some of the bugs that were present in 2.40 are gone.


___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: SM update status...

[Mr. Ed]

On 12/03/16 10:24 AM, Gerd Schweizer wrote:
> Paul B. Gallagher schrieb:
>> Mr. Ed wrote:
>>
>>> This morning when opening SM it automatically downloaded and
>>> installed the latest 2.47 (12/01).
>>
>> Really!?
>>
>> My SM 2.40, when asked manually to check for updates, says none are
>> available.
>>
> Mine too
> 

As I stated, I was running 2.47 before the update.  The update installed an
updated version of the 2.47 that I was running.  And yes, at the present time
there is no update for 2.40

-- 
"This is America!  You can't make a horse
 testify against himself!"  Mister Ed
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: SM update status...

[Gerd Schweizer]

Paul B. Gallagher schrieb:

Mr. Ed wrote:


This morning when opening SM it automatically downloaded and
installed the latest 2.47 (12/01).


Really!?

My SM 2.40, when asked manually to check for updates, says none are
available.


Mine too

--
Liebe Grüße, Gerd
Satelliten FAQ
http://www.satgerd.de
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Google Earth's Time Lapse fails to work correctly in SeaMonkey v2.40? Dang send referers!

[Gérard]

Daniel wrote on 12/03/2016 03:38 PM:

On 3/12/2016 8:09 PM, Ant wrote:

On 12/1/2016 11:26 PM, Mason83 wrote:

On 02/12/2016 07:59, Ant wrote:

On 12/1/2016 7:07 PM, Ant wrote:

https://earthengine.google.com/timelapse/

Or just in mine? 64-bit W7 HPE SP1's IE11 web browser worked though.
What about the rest of you?


OK, I figured it out. Dang send referers!


I suggest sending fake referrers.

network.http.referer.XOriginPolicy = 0 (always)
network.http.referer.spoofSource = true (spoof)


Some web sites don't even like fake referers. :(


How would they know if a referrer was fake or not??



try */cairo-clock/*

--
Gérard Vinkesteijn-Rudersdorff
http://www.ciudadpatricia.es
http://facebook.com/gerard.vinkesteijn

User agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 
Firefox/52.0 SeaMonkey/2.49a2
Build identifier: 20161122013001

I never met a man I didn't want to fight.
-- Lyle Alzado, professional football lineman

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Richmond]

Maybe it would help to set image.animation_mode = none ? I can't find
anything which says one way or another.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Google Earth's Time Lapse fails to work correctly in SeaMonkey v2.40? Dang send referers!

[Daniel]

On 3/12/2016 8:09 PM, Ant wrote:

On 12/1/2016 11:26 PM, Mason83 wrote:

On 02/12/2016 07:59, Ant wrote:

On 12/1/2016 7:07 PM, Ant wrote:

https://earthengine.google.com/timelapse/

Or just in mine? 64-bit W7 HPE SP1's IE11 web browser worked though.
What about the rest of you?


OK, I figured it out. Dang send referers!


I suggest sending fake referrers.

network.http.referer.XOriginPolicy = 0 (always)
network.http.referer.spoofSource = true (spoof)


Some web sites don't even like fake referers. :(


How would they know if a referrer was fake or not??

--
Daniel

User agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 
SeaMonkey/2.40 Build identifier: 20160120202951

or
User agent: Mozilla/5.0 (X11; Linux x86_64; rv:41.0) Gecko/20100101 
SeaMonkey/2.38 Build identifier: 20150903203501

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey and Lastpass

[Richmond]

Richmond  writes:

> Frank-Rainer Grahl  writes:
>
>> If you are on 2.40 the data/cookie manager is half broken. Might be that you
>> have an entry for http but the entry for https is missing. Fixed in 2.45 and
>> up which will allow you the enter and show the scheme.
>>
>
> Thanks. I tried out the Aurora build and it does indeed fix the problem.

Excuse me for reviving my own thread. I found that it stopped working
again. So I have manually recreated my profile. I notice that there is a
lastpass cookie which is due to expire on 16th December so maybe it will
stop working again at that point.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Mason83]

On 03/12/2016 10:10, Ant wrote:

> Is it confirmed that v2.40 will get a patch?

Also, I suppose even SM 2.47 is vulnerable?
Or was that the reason for the Dec 1 update, Adrian?

Regards.

___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Seamonkey 2.40 and SVG exploit

[Ant]

On 12/2/2016 6:15 PM, NoOp wrote:

On 12/2/2016 2:30 PM, NFN Smith wrote:

I'm watching discussions relating to the SVG exploit, and am a little
  confused about what steps I should take.

I'm one of the users that has stayed with 2.40, and for the most
part, I'm content to wait until a new release comes through the
normal update channel, although I am concerned about the number of
security fixes accumulating, that have been applied to Firefox and
Thunderbird.

Right now, the primary question would is whether there will be an
update to 2.40 to address the SVG exploit, or if it's going to take
moving to one of the later builds, to get that.

I've seen ewong's notes about what's happening with 2.46, 2.47, etc.,
  and I hope he's able to get a breakthrough soon. (Personally, I'm OK
  with dropping both Chatzilla and DOM). But it appears that nothing
is going to be coming down the official pipeline for a while.

Assuming that, what are the options?

- Stay with 2.40, and hope that most of the risk can be offset by use
of NoScript, as suggested by Frank-Rainer Grahl? I already run
NoScript, so I'm used to how that behaves.


Turn off javascript and leave it off until 2.40 is patched. Better yet,
turn off 2.40 until 2.40 is patched.


Is it confirmed that v2.40 will get a patch?
--
"We ants are runnin' the show! We're the lords of the earth!" --ANTZ
Note: A fixed width font (Courier, Monospace, etc.) is required to see 
this signature correctly.

   /\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
  / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net
 | |o   o| |
\ _ /If crediting, then use Ant nickname and AQFL URL/link.
 ( )   Axe ANT from its address if e-mailing privately.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Re: Google Earth's Time Lapse fails to work correctly in SeaMonkey v2.40? Dang send referers!

[Ant]

On 12/1/2016 11:26 PM, Mason83 wrote:

On 02/12/2016 07:59, Ant wrote:

On 12/1/2016 7:07 PM, Ant wrote:

https://earthengine.google.com/timelapse/

Or just in mine? 64-bit W7 HPE SP1's IE11 web browser worked though.
What about the rest of you?


OK, I figured it out. Dang send referers!


I suggest sending fake referrers.

network.http.referer.XOriginPolicy = 0 (always)
network.http.referer.spoofSource = true (spoof)


Some web sites don't even like fake referers. :(
--
"Left right left right we're army ants. We swarm we fight. We have no 
home. We roam. We race. You're lucky if we miss your place." --Douglas 
Florian (The Army Ants Poem)
Note: A fixed width font (Courier, Monospace, etc.) is required to see 
this signature correctly.

   /\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
  / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net
 | |o   o| |
\ _ /If crediting, then use Ant nickname and AQFL URL/link.
 ( )   Axe ANT from its address if e-mailing privately.
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey