Mageia 2018-0477: kio-extras security update
Summary
The HTML thumbnailer was incorrectly accessing some content of remote
URLs listed in HTML files. This meant that the owners of the serversreferred in HTML files in your system could have seen in their access
logs your IP address every time the thumbnailer tried to create the
thumbnail (CVE-2018-19120).
References
- https://bugs.mageia.org/show_bug.cgi?id=23868
- - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CWRCGXLPJHM4OFD66BINH2FIMYHRCRKF/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19120
Resolution
MGASA-2018-0477 - Updated kio-extras packages fix security vulnerability
SRPMS
- 6/core/kio-extras-17.12.2-4.1.mga6