Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 10: 2009-9427 Moderate Security Patch for KDE KSSL Issues

fedora
Calendar Grey September 15, 2009
Dist Fedora Esm H88
KDE 4.3.1 includes essential bug corrections and a possible security update for Fedora 10. Upgrade today for enhanced reliability.
This updates KDE to 4.3.1, the latest upstream bugfix release

Summary

Graphics applications, including

* gwenview (an image viewer)

* kamera (digital camera support)

* kcolorchooser (a color chooser)

* kolourpaint4 (an easy-to-use paint program)

* kruler (screen ruler and color measurement tool)

* ksnapshot (screen capture utility)

* okular (a document viewer)

Update Information:

This updates KDE to 4.3.1, the latest upstream bugfix release. The main improvements are: * KDE 4.3 is now also available in Croatian. * A crash when editing toolbar setup has been fixed. * Support for transferring files through SSH using KIO::Fish has been fixed. * A number of bugs in KWin, KDE's window and compositing manager has been fixed. * A large number of bugs in KMail, KDE's email client are now gone. See https://kde.org/announcements/announce-4.3.1/ for more information. In addition, this update: * fixes a potential security issue (CVE-2009-2702) with certificate validation in the KIO KSSL code. It is believed that the affected code is not actually used (the code in Qt, for which a security update was already issued, is) and thus the issue is only potential, but KSSL is being patched just in case, * splits PolicyKit-kde out of kdebase-workspace again to avoid forcing it onto GNOME-based setups, where PolicyKit-gnome is desired instead (#519654).

Topics%20covered

Topics Covered

security advisory moderate Fedora bug fix KDE certificate validation KSSL

Change Log

* Fri Aug 28 2009 Than Ngo - 4.3.1-1 - 4.3.1 * Thu Jul 30 2009 Than Ngo - 4.3.0-1 - 4.3.0 * Fri Jul 24 2009 Fedora Release Engineering - 7:4.2.98-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Jul 22 2009 Than Ngo - 4.2.98-1 - 4.3rc3 * Fri Jul 10 2009 Than Ngo - 4.2.96-1 - 4.3rc2 * Fri Jun 26 2009 Than Ngo - 4.2.95-1 - 4.3rc1 * Mon Jun 22 2009 Rex Dieter - 4.2.90-2 - rebuild (poppler reduced libs) * Wed Jun 3 2009 Rex Dieter - 4.2.90-1 - KDE-4.3 beta2 (4.2.90) * Wed May 27 2009 Rex Dieter - 4.2.85-3 - fix non-gphoto/sane build, for s390 (#502827) - drop < F-10 conditionals * Wed May 20 2009 Kevin Kofler - 4.2.85-2 - rebuild for new Poppler * Wed May 13 2009 Lukáš Tinkl - 4.2.85-1 - KDE 4.3 beta 1 * Mon Apr 27 2009 Rex Dieter - 4.2.2-5 - kio_msits subpkg, help avoid kchmviewer conflicts (#484861) * Wed Apr 22 2009 Than Ngo - 4.2.2-4 - fix build issue on s390(x) * Fri Apr 3 2009 Kevin Kofler 4.2.2-3 - work around Kolourpaint crash with Qt 4.5 (kde#183850) * Wed Apr 1 2009 Rex Dieter 4.2.2-2 - optimize scriptlets * Tue Mar 31 2009 Lukáš Tinkl - 4.2.2-1 - KDE 4.2.2 * Mon Mar 9 2009 Rex Dieter 4.2.1-3 - gwenview-fix-version.diff * Sun Mar 8 2009 Rex Dieter 4.2.1-2 - missing dependency on kipiplugin.desktop (#489218) * Fri Feb 27 2009 Than Ngo - 4.2.1-1 - 4.2.1 * Wed Feb 25 2009 Fedora Release Engineering - 7:4.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sat Jan 31 2009 Rex Dieter - 4.2.0-2 - unowned dirs (#483317) * Thu Jan 22 2009 Than Ngo - 4.2.0-1 - 4.2.0 * Sat Jan 17 2009 Rakesh Pandit - 4.1.96-2 - Updated with new djvulibre * Wed Jan 7 2009 Than Ngo - 4.1.96-1 - 4.2rc1 * Mon Dec 22 2008 Rex Dieter - 4.1.85-4 - -devel: Provides: libkipi-devel = 0.3.0 * Thu Dec 18 2008 Rex Dieter - 4.1.85-3 - respin (eviv2) * Mon Dec 15 2008 Rex Dieter 4.1.85-2 - BR: ebook-tools-devel * Fri Dec 12 2008 Than Ngo 4.1.85-1 - 4.2beta2 - BR: soprano-devel * Mon Dec 1 2008 Rex Dieter 4.1.80-3 - Obsoletes: libkdcraw libkexiv2 libkipi (F10+) - cleanup Obsoletes: kdegraphics-extras * Thu Nov 20 2008 Than Ngo 4.1.80-2 - merged * Thu Nov 20 2008 Lorenzo Villani - 7:4.1.72-1 - 4.1.80 - BR cmake >= 2.6.2 - make install/fast * Wed Nov 12 2008 Than Ngo 4.1.3-1 - 4.1.3

References


[ 1 ] Bug #520661 - CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520661

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kdegraphics' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: kdegraphics
Product: Fedora 10
Version: 4.3.1
Release: 1.fc10
URL: https://kde.org/
Summary: K Desktop Environment - Graphics Applications

Topics%20covered

Topics Covered

security advisory moderate Fedora bug fix KDE certificate validation KSSL

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here