Synopsis: Low: kde-workspace security and bug fix update
Advisory ID:       SLSA-2019:2141-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2018-6790
--

Security Fix(es):

* kde-workspace: Missing sanitization of notifications allows to leak
client IP address via IMG element (CVE-2018-6790)
--

SL7
  x86_64
    libkworkspace-4.11.19-13.el7.x86_64.rpm
    kwin-libs-4.11.19-13.el7.x86_64.rpm
    kde-settings-pulseaudio-19-23.9.el7.noarch.rpm
    ksysguardd-4.11.19-13.el7.x86_64.rpm
    kde-workspace-4.11.19-13.el7.x86_64.rpm
    khotkeys-4.11.19-13.el7.x86_64.rpm
    libkworkspace-4.11.19-13.el7.i686.rpm
    kdelibs-devel-4.14.8-10.el7.x86_64.rpm
    kmenuedit-4.11.19-13.el7.x86_64.rpm
    kcm_colors-4.11.19-13.el7.x86_64.rpm
    kde-style-oxygen-4.11.19-13.el7.x86_64.rpm
    kde-workspace-devel-4.11.19-13.el7.x86_64.rpm
    kde-workspace-libs-4.11.19-13.el7.i686.rpm
    khotkeys-libs-4.11.19-13.el7.i686.rpm
    kde-settings-19-23.9.el7.noarch.rpm
    kdelibs-4.14.8-10.el7.i686.rpm
    kmag-4.10.5-4.el7.x86_64.rpm
    virtuoso-opensource-6.1.6-7.el7.x86_64.rpm
    kde-settings-ksplash-19-23.9.el7.noarch.rpm
    ksysguard-4.11.19-13.el7.x86_64.rpm
    kde-style-oxygen-4.11.19-13.el7.i686.rpm
    ksysguard-libs-4.11.19-13.el7.i686.rpm
    kdelibs-ktexteditor-4.14.8-10.el7.x86_64.rpm
    kde-settings-plasma-19-23.9.el7.noarch.rpm
    kwin-gles-libs-4.11.19-13.el7.i686.rpm
    kdelibs-ktexteditor-4.14.8-10.el7.i686.rpm
    kdelibs-devel-4.14.8-10.el7.i686.rpm
    ksysguard-libs-4.11.19-13.el7.x86_64.rpm
    kde-workspace-libs-4.11.19-13.el7.x86_64.rpm
    kwin-libs-4.11.19-13.el7.i686.rpm
    kgreeter-plugins-4.11.19-13.el7.x86_64.rpm
    kwin-gles-libs-4.11.19-13.el7.x86_64.rpm
    plasma-scriptengine-python-4.11.19-13.el7.x86_64.rpm
    kwin-4.11.19-13.el7.x86_64.rpm
    kde-workspace-devel-4.11.19-13.el7.i686.rpm
    qt-settings-19-23.9.el7.noarch.rpm
    kinfocenter-4.11.19-13.el7.x86_64.rpm
    khotkeys-libs-4.11.19-13.el7.x86_64.rpm
    kdelibs-4.14.8-10.el7.x86_64.rpm
    kdelibs-common-4.14.8-10.el7.x86_64.rpm
    kwin-gles-4.11.19-13.el7.x86_64.rpm
    oxygen-cursor-themes-4.11.19-13.el7.noarch.rpm
    kde-workspace-ksplash-themes-4.11.19-13.el7.noarch.rpm
    kde-settings-minimal-19-23.9.el7.noarch.rpm
    kdelibs-apidocs-4.14.8-10.el7.noarch.rpm
    kdeclassic-cursor-theme-4.11.19-13.el7.noarch.rpm
    plasma-scriptengine-ruby-4.11.19-13.el7.x86_64.rpm
    virtuoso-opensource-utils-6.1.6-7.el7.x86_64.rpm
    kde-workspace-debuginfo-4.11.19-13.el7.i686.rpm
    kde-workspace-debuginfo-4.11.19-13.el7.x86_64.rpm
    kdelibs-debuginfo-4.14.8-10.el7.i686.rpm
    kdelibs-debuginfo-4.14.8-10.el7.x86_64.rpm
    kmag-debuginfo-4.10.5-4.el7.x86_64.rpm
    virtuoso-opensource-debuginfo-6.1.6-7.el7.x86_64.rpm
  noarch
    kde-settings-19-23.9.el7.noarch.rpm
    kde-settings-ksplash-19-23.9.el7.noarch.rpm
    kde-settings-plasma-19-23.9.el7.noarch.rpm
    kde-settings-pulseaudio-19-23.9.el7.noarch.rpm
    qt-settings-19-23.9.el7.noarch.rpm
    kde-settings-minimal-19-23.9.el7.noarch.rpm
    kde-workspace-ksplash-themes-4.11.19-13.el7.noarch.rpm
    kdeclassic-cursor-theme-4.11.19-13.el7.noarch.rpm
    kdelibs-apidocs-4.14.8-10.el7.noarch.rpm
    oxygen-cursor-themes-4.11.19-13.el7.noarch.rpm

- Scientific Linux Development Team

SciLinux: SLSA-2019-2141-1 Low: kde-workspace on SL7.x x86_64

kde-workspace: Missing sanitization of notifications allows to leak client IP address via IMG element (CVE-2018-6790) SL7 x86_64 libkworkspace-4.11.19-13.el7.x86_64.rpm kwin-libs-4...

Summary

Low: kde-workspace security and bug fix update



Security Fixes

* kde-workspace: Missing sanitization of notifications allows to leak client IP address via IMG element (CVE-2018-6790)
SL7 x86_64 libkworkspace-4.11.19-13.el7.x86_64.rpm kwin-libs-4.11.19-13.el7.x86_64.rpm kde-settings-pulseaudio-19-23.9.el7.noarch.rpm ksysguardd-4.11.19-13.el7.x86_64.rpm kde-workspace-4.11.19-13.el7.x86_64.rpm khotkeys-4.11.19-13.el7.x86_64.rpm libkworkspace-4.11.19-13.el7.i686.rpm kdelibs-devel-4.14.8-10.el7.x86_64.rpm kmenuedit-4.11.19-13.el7.x86_64.rpm kcm_colors-4.11.19-13.el7.x86_64.rpm kde-style-oxygen-4.11.19-13.el7.x86_64.rpm kde-workspace-devel-4.11.19-13.el7.x86_64.rpm kde-workspace-libs-4.11.19-13.el7.i686.rpm khotkeys-libs-4.11.19-13.el7.i686.rpm kde-settings-19-23.9.el7.noarch.rpm kdelibs-4.14.8-10.el7.i686.rpm kmag-4.10.5-4.el7.x86_64.rpm virtuoso-opensource-6.1.6-7.el7.x86_64.rpm kde-settings-ksplash-19-23.9.el7.noarch.rpm ksysguard-4.11.19-13.el7.x86_64.rpm kde-style-oxygen-4.11.19-13.el7.i686.rpm ksysguard-libs-4.11.19-13.el7.i686.rpm kdelibs-ktexteditor-4.14.8-10.el7.x86_64.rpm kde-settings-plasma-19-23.9.el7.noarch.rpm kwin-gles-libs-4.11.19-13.el7.i686.rpm kdelibs-ktexteditor-4.14.8-10.el7.i686.rpm kdelibs-devel-4.14.8-10.el7.i686.rpm ksysguard-libs-4.11.19-13.el7.x86_64.rpm kde-workspace-libs-4.11.19-13.el7.x86_64.rpm kwin-libs-4.11.19-13.el7.i686.rpm kgreeter-plugins-4.11.19-13.el7.x86_64.rpm kwin-gles-libs-4.11.19-13.el7.x86_64.rpm plasma-scriptengine-python-4.11.19-13.el7.x86_64.rpm kwin-4.11.19-13.el7.x86_64.rpm kde-workspace-devel-4.11.19-13.el7.i686.rpm qt-settings-19-23.9.el7.noarch.rpm kinfocenter-4.11.19-13.el7.x86_64.rpm khotkeys-libs-4.11.19-13.el7.x86_64.rpm kdelibs-4.14.8-10.el7.x86_64.rpm kdelibs-common-4.14.8-10.el7.x86_64.rpm kwin-gles-4.11.19-13.el7.x86_64.rpm oxygen-cursor-themes-4.11.19-13.el7.noarch.rpm kde-workspace-ksplash-themes-4.11.19-13.el7.noarch.rpm kde-settings-minimal-19-23.9.el7.noarch.rpm kdelibs-apidocs-4.14.8-10.el7.noarch.rpm kdeclassic-cursor-theme-4.11.19-13.el7.noarch.rpm plasma-scriptengine-ruby-4.11.19-13.el7.x86_64.rpm virtuoso-opensource-utils-6.1.6-7.el7.x86_64.rpm kde-workspace-debuginfo-4.11.19-13.el7.i686.rpm kde-workspace-debuginfo-4.11.19-13.el7.x86_64.rpm kdelibs-debuginfo-4.14.8-10.el7.i686.rpm kdelibs-debuginfo-4.14.8-10.el7.x86_64.rpm kmag-debuginfo-4.10.5-4.el7.x86_64.rpm virtuoso-opensource-debuginfo-6.1.6-7.el7.x86_64.rpm noarch kde-settings-19-23.9.el7.noarch.rpm kde-settings-ksplash-19-23.9.el7.noarch.rpm kde-settings-plasma-19-23.9.el7.noarch.rpm kde-settings-pulseaudio-19-23.9.el7.noarch.rpm qt-settings-19-23.9.el7.noarch.rpm kde-settings-minimal-19-23.9.el7.noarch.rpm kde-workspace-ksplash-themes-4.11.19-13.el7.noarch.rpm kdeclassic-cursor-theme-4.11.19-13.el7.noarch.rpm kdelibs-apidocs-4.14.8-10.el7.noarch.rpm oxygen-cursor-themes-4.11.19-13.el7.noarch.rpm
- Scientific Linux Development Team

Severity
Advisory ID: SLSA-2019:2141-1
Issued Date: : 2019-08-06
CVE Numbers: CVE-2018-6790

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved