Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Researching Scientific Linux: Security Update for kdelibs CVE-2011-3365

Calendar Oct 19, 2011 User Avatar LinuxSecurity Advisories
2 - 3 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate kdelibs input sanitization kdelibs3 Scientific Linux
Moderate: kdelibs and kdelibs3 security update 
Date: Wed, 19 Oct 2011 22:42:29 -0500
Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: kdelibs and kdelibs3 on SL4.x, SL5.x,
 SL6.x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Moderate: kdelibs and kdelibs3 security update
Issue Date: 2011-10-19
CVE Numbers: CVE-2011-3365

The kdelibs and kdelibs3 packages provide libraries for the K Desktop
Environment (KDE).

An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An
attacker could supply a specially-crafted SSL certificate (for example, via
a web page) to an application using KSSL, such as the Konqueror web
browser, causing misleading information to be presented to the user,
possibly tricking them into accepting the certificate as valid.
(CVE-2011-3365)

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.

SL4:
 i386
 kdelibs-3.3.1-18.el4.i386.rpm
 kdelibs-debuginfo-3.3.1-18.el4.i386.rpm
 kdelibs-devel-3.3.1-18.el4.i386.rpm
 x86_64
 kdelibs-3.3.1-18.el4.i386.rpm
 kdelibs-3.3.1-18.el4.x86_64.rpm
 kdelibs-debuginfo-3.3.1-18.el4.i386.rpm
 kdelibs-debuginfo-3.3.1-18.el4.x86_64.rpm
 kdelibs-devel-3.3.1-18.el4.x86_64.rpm
SL5:
 i386
 kdelibs-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-apidocs-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm
 x86_64
 kdelibs-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-3.5.4-26.el5_7.1.x86_64.rpm
 kdelibs-apidocs-3.5.4-26.el5_7.1.x86_64.rpm
 kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-debuginfo-3.5.4-26.el5_7.1.x86_64.rpm
 kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm
 kdelibs-devel-3.5.4-26.el5_7.1.x86_64.rpm
SL6:
 i386
 kdelibs3-3.5.10-24.el6_1.1.i686.rpm
 kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm
 kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm
 noarch
 kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm
 x86_64
 kdelibs3-3.5.10-24.el6_1.1.i686.rpm
 kdelibs3-3.5.10-24.el6_1.1.x86_64.rpm
 kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm
 kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm
 kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm
 kdelibs3-devel-3.5.10-24.el6_1.1.x86_64.rpm

- Scientific Linux Development Team
Your message here