Fedora Core 4: KDEBase Update Addresses KDM Symlink Attack - Critical

Core applications for the K Desktop Environment. Included are: kdm

(replacement for xdm), kwin (window manager), konqueror (filemanager,

web browser, ftp client, ...), konsole (xterm replacement), kpanel

(application starter and desktop pager), kaudio (audio server),

kdehelp (viewer for kde help files, info and man pages), kthememgr

(system for managing alternate theme packages) plus other KDE

components (kcheckpass, kikbd, kscreensaver, kcontrol, kfind,

kfontmanager, kmenuedit).

- apply patch to to fix #194659, CVE-2006-2449 KDM symlink attack vulnerability

thanks to KDE security team

e516f11b42f09b1eb0010d5c1e8ac9f4f0fb6b46 SRPMS/kdebase-3.5.3-0.2.fc4.src.rpm

e516f11b42f09b1eb0010d5c1e8ac9f4f0fb6b46 noarch/kdebase-3.5.3-0.2.fc4.src.rpm

23521fd2290cb2a6d85ac535bb82887b1227df39 ppc/kdebase-3.5.3-0.2.fc4.ppc.rpm

77989490976693e4e8f32435a3b0bb6d28bd6099 ppc/kdebase-devel-3.5.3-0.2.fc4.ppc.rpm

6250d9ea381f7cd63fdd52de11d8909f6296fc56 ppc/debug/kdebase-debuginfo-3.5.3-0.2.fc4.ppc.rpm

107eeb1cbe7502e3018f5d6e9f2d95e40441aafd x86_64/kdebase-3.5.3-0.2.fc4.x86_64.rpm

3128806557d43ef4d137ce0ec7204c1fe517b1f1 x86_64/kdebase-devel-3.5.3-0.2.fc4.x86_64.rpm

d07ed7f74a2b8fbc67bbeb0347e9cf906bea5a30 x86_64/debug/kdebase-debuginfo-3.5.3-0.2.fc4.x86_64.rpm

dc5d4e61c7fa1ac2e2a2459feeec731b117d9c7f i386/kdebase-3.5.3-0.2.fc4.i386.rpm

2b06bf0a5e4d96148299bda3b56b965bb875a85b i386/kdebase-devel-3.5.3-0.2.fc4.i386.rpm

5e99d90a8daace74bd7a08b1cd7079c546aafcb1 i386/debug/kdebase-debuginfo-3.5.3-0.2.fc4.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/