Security Advisory for Slackware 9.0 & 9.1: kdepim DoS Vulnerability

Here are the details from the Slackware 9.1 ChangeLog: Wed Jan 14 11:58:58 PST 2004 patches/packages/kdepim-3.1.4-i486-2.tgz: Recompiled with security patch post-3.1.4-kdepim-kfile-plugins.diff. From the KDE advisory: The KDE team has found a buffer overflow in the file information reader of VCF files. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. By default, file information reading is disabled for remote files. However, if previews are enabled for remote files, remote attackers may be able to compromise the victim's account. For more details, see: https://www.cve.org/CVERecord?id=CVE-CAN-2003-0988 (* Security fix *) WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware