Slackware: 2004-238-01 Moderate: Kdelibs URI Handling Security Fix
slackware
May 18, 2004
New kdelibs packages are available for Slackware 9.0, 9.1 and -current to fix security issues with URI handling
Summary
Here are the details from the Slackware 9.1 ChangeLog: Mon May 17 19:31:12 PDT 2004 patches/packages/kdelibs-3.1.4-i486-2.tgz: Patched URI security issues. According to https://kde.org/: The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning of the hostname passed, which makes it possible to pass an option to the programs started by the handlers. For more details, see: https://www.cve.org/CVERecord?id=CVE-CAN-2004-0411 (* Security fix *)
Topics Covered
Where Find New Packages
Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kde/kdelibs-3.1.3a-i386-2.tgz
Updated package for Slackware 9.1:
Updated package for Slackware -current:
MD5 Signatures
Slackware 9.0 package:
554873b76b83e345c2c86a9785199fcf kdelibs-3.1.3a-i386-2.tgz
Slackware 9.1 package:
4be0192b1c0c246aa947b625eeb6dfd9 kdelibs-3.1.4-i486-2.tgz
Slackware -current package:
015a0efcd12fb61b6bf78a10e218c0cd kdelibs-3.2.2-i486-2.tgz
PREVIOUS
NEXT
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the kdelibs package as root: # upgradepkg kdelibs-3.1.4-i486-2.tgz
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!