Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 10 4.3.1 Critical Fix for KSSL Certificate Validation Issue

fedora
Calendar Grey September 15, 2009
Dist Fedora Esm H88
Tackles possible KSSL concerns, upgrades KDE to version 4.3.1, incorporating essential bug repairs and improvements in functionality.
This updates KDE to 4.3.1, the latest upstream bugfix release

Summary

kdetoys includes:

* amor: Amusing Misuse Of Resources put's comic figures above your windows

* kteatime: makes sure your tea does not get too strong

* ktux: Tux-in-a-Spaceship screen saver

* kweather: display the current weather outside

Update Information:

This updates KDE to 4.3.1, the latest upstream bugfix release. The main improvements are: * KDE 4.3 is now also available in Croatian. * A crash when editing toolbar setup has been fixed. * Support for transferring files through SSH using KIO::Fish has been fixed. * A number of bugs in KWin, KDE's window and compositing manager has been fixed. * A large number of bugs in KMail, KDE's email client are now gone. See https://kde.org/announcements/announce-4.3.1/ for more information. In addition, this update: * fixes a potential security issue (CVE-2009-2702) with certificate validation in the KIO KSSL code. It is believed that the affected code is not actually used (the code in Qt, for which a security update was already issued, is) and thus the issue is only potential, but KSSL is being patched just in case, * splits PolicyKit-kde out of kdebase-workspace again to avoid forcing it onto GNOME-based setups, where PolicyKit-gnome is desired instead (#519654).

Topics%20covered

Topics Covered

security advisory Fedora critical patch KDE update KSSL issue

Change Log

* Fri Aug 28 2009 Than Ngo - 4.3.1-1 - 4.3.1 * Thu Jul 30 2009 Than Ngo - 4.3.0-1 - 4.3.0 * Wed Jul 22 2009 Than Ngo - 4.2.98-1 - 4.3rc3 * Sun Jul 12 2009 Than Ngo - 4.2.96-1 - 4.3rc2 * Fri Jun 26 2009 Than Ngo - 4.2.95-1 - 4.3rc1 * Thu Jun 4 2009 Rex Dieter - 4.2.90-1 - KDE-4.3 beta2 (4.2.90) * Thu May 14 2009 Lukáš Tinkl - 4.2.85-1 - KDE 4.3 beta 1 * Wed Apr 1 2009 Rex Dieter 4.2.2-2 - optimize scriptlets * Tue Mar 31 2009 Lukáš Tinkl - 4.2.2-1 - KDE 4.2.2 * Fri Feb 27 2009 Than Ngo - 4.2.1-1 - 4.2.1 * Wed Feb 25 2009 Fedora Release Engineering - 7:4.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Thu Feb 12 2009 Rex Dieter - 4.2.0-2 - amor.desktop,kteatime.desktop: Categories += Game - kteatime.desktop: drop OnlyShowIn=KDE * Thu Jan 22 2009 Than Ngo - 4.2.0-1 - 4.2.0 * Wed Jan 7 2009 Than Ngo - 4.1.96-1 - 4.2rc1 * Fri Dec 12 2008 Than Ngo 4.1.85-1 - 4.2beta2 * Thu Dec 4 2008 Kevin Kofler 4.1.80-4 - clean up BRs - fix file list * Tue Nov 25 2008 Kevin Kofler 4.1.80-3 - remove kworldclock from description (dropped in 4.2, replaced by a plasmoid using marble, which is part of kdeedu) - remove bogus BR qimageblitz-devel (was already unneeded in 4.1) * Thu Nov 20 2008 Than Ngo 4.1.80-2 - merged * Thu Nov 20 2008 Lorenzo Villani - 7:4.1.72-1 - 4.1.80 - BR cmake >= 2.6.2 - make install/fast * Wed Nov 12 2008 Than Ngo 4.1.3-1 - 4.1.3

References


[ 1 ] Bug #520661 - CVE-2009-2702 kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName https://bugzilla.redhat.com/show_bug.cgi?id=520661

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kdetoys' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: kdetoys
Product: Fedora 10
Version: 4.3.1
Release: 1.fc10
URL: https://kde.org/
Summary: K Desktop Environment - Toys and Amusements

Topics%20covered

Topics Covered

security advisory Fedora critical patch KDE update KSSL issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here