Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 10: 2009-9427 Moderate: KDE KIO Potential Security Issue

fedora
Calendar Grey September 15, 2009
Dist Fedora Esm H88
KDE 4.3.1 update for Fedora 10 enhances security with important fixes. Discover details about the update now!
This updates KDE to 4.3.1, the latest upstream bugfix release

Summary

A collection of applications and tools used by developers, including:

* cervisia: a CVS frontend

* kate: advanced text editor

* kbugbuster: a tool to manage the KDE bug report system

* kcachegrind: a browser for data produced by profiling tools (e.g. cachegrind)

* kompare: diff tool

* kuiviewer: displays designer's UI files

* lokalize: computer-aided translation system focusing on productivity and performance

* umbrello: UML modeller and UML diagram tool

Update Information:

This updates KDE to 4.3.1, the latest upstream bugfix release. The main improvements are: * KDE 4.3 is now also available in Croatian. * A crash when editing toolbar setup has been fixed. * Support for transferring files through SSH using KIO::Fish has been fixed. * A number of bugs in KWin, KDE's window and compositing manager has been fixed. * A large number of bugs in KMail, KDE's email client are now gone. See https://kde.org/announcements/announce-4.3.1/ for more information. In addition, this update: * fixes a potential security issue (CVE-2009-2702) with certificate validation in the KIO KSSL code. It is believed that the affected code is not actually used (the code in Qt, for which a security update was already issued, is) and thus the issue is only potential, but KSSL is being patched just in case, * splits PolicyKit-kde out of kdebase-workspace again to avoid forcing it onto GNOME-based setups, where PolicyKit-gnome is desired instead (#519654).

Topics%20covered

Topics Covered

security advisory software update Fedora KDE bugfix certificate validation KIO

Change Log

* Fri Aug 28 2009 Than Ngo - 4.3.1-1 - 4.3.1 * Thu Jul 30 2009 Than Ngo - 4.3.0-1 - 4.3.0 * Wed Jul 22 2009 Than Ngo - 4.2.98-1 - 4.3rc3 * Sun Jul 12 2009 Than Ngo - 4.2.96-1 - 4.3rc2 * Fri Jun 26 2009 Than Ngo - 4.2.95-1 - 4.3rc1 * Thu Jun 4 2009 Rex Dieter - 4.2.90-1 - KDE-4.3 beta2 (4.2.90) * Thu May 14 2009 Lukáš Tinkl - 4.2.85-1 - KDE 4.3 beta 1 * Wed Apr 1 2009 Rex Dieter - 4.2.2-2 - optimize scriptlets * Tue Mar 31 2009 Lukáš Tinkl - 4.2.2-1 - KDE 4.2.2 * Fri Feb 27 2009 Than Ngo - 4.2.1-1 - 4.2.1 - blockquote patch (#487624) * Wed Feb 25 2009 Fedora Release Engineering - 4.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Thu Feb 19 2009 Kevin Kofler 4.2.0-2 - fix Kompare crash with Qt 4.5 (kde#182792) - fix build with GCC 4.4 * Thu Jan 22 2009 Than Ngo - 4.2.0-1 - 4.2.0 * Mon Jan 19 2009 Than Ngo - 4.1.96-4 - apply patch to fix build against Boost 1.37.0 * Tue Jan 13 2009 Kevin Kofler 4.1.96-3 - F11+: add workaround to fix build against Boost 1.37.0 * Fri Jan 9 2009 Kevin Kofler 4.1.96-2 - don't ship krazy-licensecheck, should be in krazy2 * Wed Jan 7 2009 Than Ngo - 4.1.96-1 - 4.2rc1 * Fri Dec 12 2008 Than Ngo 4.1.85-1 - 4.2beta2 * Mon Dec 1 2008 Kevin Kofler 4.1.80-3 - BR plasma-devel instead of kdebase-workspace-devel - don't require kdebase-workspace - rebase Lokalize quit menu patch - BR libical-devel * Thu Nov 20 2008 Than Ngo 4.1.80-2 - merged * Thu Nov 20 2008 Lorenzo Villani 4.1.80-1 - 4.1.80 - BR cmake >= 2.6.2 - make install/fast - kdesdk-4.1.2-kdecore.patch upstreamed, dropped * Wed Nov 12 2008 Than Ngo 4.1.3-1 - 4.1.3

References


[ 1 ] Bug #520661 - CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520661

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kdesdk' at the command line. For more information, refer to "Managing Software with yum", available at .

Name: kdesdk
Product: Fedora 10
Version: 4.3.1
Release: 1.fc10
URL: https://kde.org/
Summary: The KDE Software Development Kit (SDK)

Topics%20covered

Topics Covered

security advisory software update Fedora KDE bugfix certificate validation KIO

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here