Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Debian 10: DEBIAN-2023-016 High: KDE Plasma Heap Corruption

fedora
Calendar Grey January 27, 2006
Dist Fedora Esm H88
A patch for kdelibs addresses a memory overflow vulnerability in KDE's JavaScript engine, boosting overall system safety.
A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE

Summary

Libraries for the K Desktop Environment:

KDE Libraries included: kdecore (KDE core library), kdeui (user interface),

kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),

kspell (spelling checker), jscript (javascript), kab (addressbook),

kimgio (image manipulation).

A heap overflow flaw was discovered affecting kjs, the

JavaScript interpreter engine used by Konqueror and other

parts of KDE. An attacker could create a malicious web site

containing carefully crafted JavaScript code that would

trigger this flaw and possibly lead to arbitrary code

execution. The Common Vulnerabilities and Exposures project

assigned the name CVE-2006-0019 to this issue.

Users of KDE should upgrade to these updated packages, which

contain a backported patch from the KDE security team

correcting this issue

- apply patch to fix a printing problem

- add requires on iceauth #176571

* Wed Jan 11 2006 Karsten Hopp 6:3.5.0-0.3.fc4

- fix kjs encodeuri/decodeuri heap overflow vulnerability, CVE-2006-0019

db86b76009dfd868772600e2b643197fd7d7be1a SRPMS/kdelibs-3.5.0-0.4.fc4.src.rpm

93b3eada75276675171f62e8f82602fc9d4174e8 ppc/kdelibs-3.5.0-0.4.fc4.ppc.rpm

eaa612bac27317b96a0c88d6f122a8595acb1b7a ppc/kdelibs-devel-3.5.0-0.4.fc4.ppc.rpm

81d47e47869fceaba8a83207577e7e88eadd7eb4 ppc/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.ppc.rpm

e57159f6621915c22645ce3e35dfb34d9e1e8e80 x86_64/kdelibs-3.5.0-0.4.fc4.x86_64.rpm

5558a0aeda509ec10a618c0a7e44532bced642da x86_64/kdelibs-devel-3.5.0-0.4.fc4.x86_64.rpm

8e0602b9f6f2b307b8317acad389c72e68110b2a x86_64/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.x86_64.rpm

ba4d3840f602dedb774231eb821fd6dcbe73e3cf i386/kdelibs-3.5.0-0.4.fc4.i386.rpm

86d01df92bfc26b56e1dfba9f196c2d6aacf1ef8 i386/kdelibs-devel-3.5.0-0.4.fc4.i386.rpm

397f3f220aa17b36ada0a165b31d225f5fd6580d i386/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory buffer overflow Debian arbitrary code execution kdelibs update Gnome Desktop

Change Log

References

Update Instructions

Name: kdelibs
Version: 3.5.0
Release: 0.4.fc4
Summary: K Desktop Environment - Libraries

Topics%20covered

Topics Covered

security advisory buffer overflow Debian arbitrary code execution kdelibs update Gnome Desktop

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here