Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 10 kdepim 4.3.1: Potential Security Fix for Certificate Validation

fedora
Calendar Grey September 15, 2009
Dist Fedora Esm H88
Fedora 10's latest release upgrades kdepim to version 4.3.1, enhancing stability with bug fixes and security improvements for better protection and performance
This updates KDE to 4.3.1, the latest upstream bugfix release

Summary

PIM (Personal Information Manager) applications, including:

* akregator: feed aggregator

* kmail: email client

* knode: newsreader

* knotes: sticky notes for the desktop

* kontact: integrated PIM management

* korganizer: journal, appointments, events, todos

* kpilot: HotSync® software for Palm OS® devices

Update Information:

This updates KDE to 4.3.1, the latest upstream bugfix release. The main improvements are: * KDE 4.3 is now also available in Croatian. * A crash when editing toolbar setup has been fixed. * Support for transferring files through SSH using KIO::Fish has been fixed. * A number of bugs in KWin, KDE's window and compositing manager has been fixed. * A large number of bugs in KMail, KDE's email client are now gone. See https://kde.org/announcements/announce-4.3.1/ for more information. In addition, this update: * fixes a potential security issue (CVE-2009-2702) with certificate validation in the KIO KSSL code. It is believed that the affected code is not actually used (the code in Qt, for which a security update was already issued, is) and thus the issue is only potential, but KSSL is being patched just in case, * splits PolicyKit-kde out of kdebase-workspace again to avoid forcing it onto GNOME-based setups, where PolicyKit-gnome is desired instead (#519654).

Topics%20covered

Topics Covered

security advisory Fedora kdepim certificate validation potential issue KDE applications

Change Log

* Fri Aug 28 2009 Than Ngo - 4.3.1-1 - 4.3.1 * Tue Aug 18 2009 Rex Dieter - 4.3.0-4 - kmail: upstream fix for custom font settings (#kdebug#178402) * Tue Aug 11 2009 Lukáš Tinkl - 4.3.0-3 - fix kmail default save dir regression (#496988) * Sat Aug 8 2009 Rex Dieter - 4.3.0-2 - -libs: move designer plugins here - %check: desktop-file-validate - don't own %{_kde4_appsdir}/kconf_update/ * Thu Jul 30 2009 Than Ngo - 4.3.0-1 - 4.3.0 * Fri Jul 24 2009 Fedora Release Engineering - 6:4.2.98-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Jul 22 2009 Than Ngo - 4.2.98-1 - 4.3rc3 * Sat Jul 11 2009 Than Ngo - 4.2.96-1 - 4.3rc2 * Tue Jul 7 2009 Rex Dieter 4.2.95-2 - Requires: kdepim-runtime (< F-12) * Mon Jun 29 2009 Than Ngo - 4.2.95-1 - 4.3rc1 * Thu Jun 4 2009 Lorenzo Villani - 6:4.2.90-1 - KDE 4.3 Beta 2 * Fri May 29 2009 Rex Dieter - 4.2.85-2 - fix meeting-organizer icon conflict with oxygen-icons - -libs: (re)add dep on kdelibs4 * Wed May 13 2009 Lukáš Tinkl - 4.2.85-1 - KDE 4.3 beta 1 * Mon Apr 13 2009 Rex Dieter - 4.2.2-4 - drop extraneous BR's, including libmal-devel (not currently used) * Mon Apr 6 2009 Than Ngo - 4.2.2-3 - apply upstream patch to fix crash in korganizer * Wed Apr 1 2009 Rex Dieter - 4.2.2-2 - optimize scriptlets * Tue Mar 31 2009 Lukáš Tinkl - 4.2.2-1 - KDE 4.2.2 * Mon Mar 9 2009 Rex Dieter 4.2.1-3 - upstream korganizer-view patch * Wed Mar 4 2009 Than Ngo - 4.2.1-2 - upstream patch, speed up folder syncing * Fri Feb 27 2009 Than Ngo - 4.2.1-1 - 4.2.1 * Wed Feb 25 2009 Fedora Release Engineering - 6:4.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Tue Jan 27 2009 Than Ngo - 4.2.0-2 - upstream patch, fix data corruption problems in KPilot * Thu Jan 22 2009 Than Ngo - 4.2.0-1 - 4.2.0 * Thu Jan 15 2009 Rex Dieter 4.1.96-3 - move libkpilot_*.so -devel -> main pkg * Thu Jan 15 2009 Kevin Kofler 4.1.96-2 - reenable BR pilot-link-devel, add missing BR libmal-devel (for KPilot) * Wed Jan 7 2009 Than Ngo 4.1.96-1 - 4.2rc1 * Fri Dec 12 2008 Than Ngo 4.1.85-1 - 4.2beta2 * Fri Nov 28 2008 Lorenzo Villani - 6:4.1.80-3 - kdepim-4.1.80-libqgpgme-link-fix.patch fix libqgpgme linking errors* Thu Nov 20 2008 Than Ngo 4.1.80-2 - merged * Thu Nov 20 2008 Lorenzo Villani - 6:4.1.80-1 - 4.1.80 - BR cmake >= 2.6.2 - make install/fast - kdepim-4.1.2-kabcdistlistupdater.patch upstreamed * Wed Nov 12 2008 Than Ngo 4.1.3-1 - 4.1.3

References


[ 1 ] Bug #520661 - CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520661

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kdepim' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: kdepim
Product: Fedora 10
Version: 4.3.1
Release: 1.fc10
URL: https://kde.org/
Summary: PIM (Personal Information Manager) applications

Topics%20covered

Topics Covered

security advisory Fedora kdepim certificate validation potential issue KDE applications

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here