Fedora 11 Update: kdelibs3-3.5.10-13.fc11
Summary
Libraries for the K Desktop Environment 3:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).
Update Information:
This update fixes several security issues in the KDE 3 compatibility version of KHTML (CVE-2009-1725, CVE-2009-1690, CVE-2009-1687, CVE-2009-1698, CVE-2009-2537) which may lead to a denial of service or potentially even arbitrary code execution. In addition, the package was fixed to build with the latest version of automake.
Change Log
* Sun Jul 26 2009 Kevin Kofler
References
[ 1 ] Bug #513813 - CVE-2009-1725: KHTML: improper handling of numeric character references (ACE, DoS) https://bugzilla.redhat.com/show_bug.cgi?id=513813 [ 2 ] Bug #505571 - CVE-2009-1690 kdelibs: KHTML Incorrect handling element content once the element was removed (DoS, ACE) https://bugzilla.redhat.com/show_bug.cgi?id=505571 [ 3 ] Bug #506453 - CVE-2009-1687 kdelibs: Integer overflow in KJS JavaScript garbage collector https://bugzilla.redhat.com/show_bug.cgi?id=506453 [ 4 ] Bug #506469 - CVE-2009-1698 kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE) https://bugzilla.redhat.com/show_bug.cgi?id=506469 [ 5 ] Bug #512911 - CVE-2009-2537 Konqueror: DoS via large length property of a Select object https://bugzilla.redhat.com/show_bug.cgi?id=512911
Update Instructions
This update can be installed with the "yum" update program. Use su -c 'yum update kdelibs3' at the command line. For more information, refer to "Managing Software with yum", available at .