Linux Security
    Linux Security
    Linux Security

    Debian: DSA-3849-1: kde4libs security update

    Date
    153
    Posted By
    Several vulnerabilities were discovered in kde4libs, the core libraries for all KDE 4 applications. The Common Vulnerabilities and Exposures project identifies the following problems:
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-3849-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                     Salvatore Bonaccorso
    May 12, 2017                          https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : kde4libs
    CVE ID         : CVE-2017-6410 CVE-2017-8422
    Debian Bug     : 856890
    
    Several vulnerabilities were discovered in kde4libs, the core libraries
    for all KDE 4 applications. The Common Vulnerabilities and Exposures
    project identifies the following problems:
    
    CVE-2017-6410
    
        Itzik Kotler, Yonatan Fridburg and Amit Klein of Safebreach Labs
        reported that URLs are not sanitized before passing them to
        FindProxyForURL, potentially allowing a remote attacker to obtain
        sensitive information via a crafted PAC file.
    
    CVE-2017-8422
    
        Sebastian Krahmer from SUSE discovered that the KAuth framework
        contains a logic flaw in which the service invoking dbus is not
        properly checked. This flaw allows spoofing the identity of the
        caller and gaining root privileges from an unprivileged account.
    
    For the stable distribution (jessie), these problems have been fixed in
    version 4:4.14.2-5+deb8u2.
    
    For the unstable distribution (sid), these problems have been fixed in
    version 4:4.14.26-2.
    
    We recommend that you upgrade your kde4libs packages.
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    Tails is the most secure Linux distro out there.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/41-ubuntu-is-a-more-secure-distro-than-fedora?task=poll.vote&format=json
    41
    radio
    [{"id":"142","title":"Yes - Tails get my vote!","votes":"2","type":"x","order":"1","pct":100,"resources":[]},{"id":"143","title":"Nope - Parrot OS has surpassed Tails in its security and privacy.","votes":"0","type":"x","order":"2","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.