Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -2 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity issue

Red Hat Enterprise Linux 6 RHSA-2011-1385-01 Moderate SSL Flaw

Updated kdelibs packages for Red Hat Enterprise Linux 4 and 5 and updated kdelibs3 packages for Red Hat Enterprise Linux 6 that fix one security issue are now available. The Red Hat Security Response Team has rated this update as having moderate. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kdelibs and kdelibs3 security update Advisory ID: RHSA-2011:1385-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2011:1385.html Issue date: 2011-10-19 CVE Names: CVE-2011-3365 ==================================================================== 1. Summary: Updated kdelibs packages for Red Hat Enterprise Linux 4 and 5 and updated kdelibs3 packages for Red Hat Enterprise Linux 6 that fix one security issue are now available. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - noarch Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386,x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - noarch 3. Description: The kdelibs and kdelibs3 packages provide libraries for the K Desktop Environment (KDE). An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. (CVE-2011-3365) Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 743054 - CVE-2011-3365 kdelibs: input validation failure in KSSL 6. Package List: Red Hat Enterprise Linux AS version4: Source: i386: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-devel-3.3.1-18.el4.i386.rpm ia64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.ia64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.ia64.rpm kdelibs-devel-3.3.1-18.el4.ia64.rpm ppc: kdelibs-3.3.1-18.el4.ppc.rpm kdelibs-3.3.1-18.el4.ppc64.rpm kdelibs-debuginfo-3.3.1-18.el4.ppc.rpm kdelibs-debuginfo-3.3.1-18.el4.ppc64.rpm kdelibs-devel-3.3.1-18.el4.ppc.rpm s390: kdelibs-3.3.1-18.el4.s390.rpm kdelibs-debuginfo-3.3.1-18.el4.s390.rpm kdelibs-devel-3.3.1-18.el4.s390.rpm s390x: kdelibs-3.3.1-18.el4.s390.rpm kdelibs-3.3.1-18.el4.s390x.rpm kdelibs-debuginfo-3.3.1-18.el4.s390.rpm kdelibs-debuginfo-3.3.1-18.el4.s390x.rpm kdelibs-devel-3.3.1-18.el4.s390x.rpm x86_64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.x86_64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.x86_64.rpm kdelibs-devel-3.3.1-18.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: i386: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-devel-3.3.1-18.el4.i386.rpm x86_64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.x86_64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.x86_64.rpm kdelibs-devel-3.3.1-18.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-devel-3.3.1-18.el4.i386.rpm ia64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.ia64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.ia64.rpm kdelibs-devel-3.3.1-18.el4.ia64.rpm x86_64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.x86_64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.x86_64.rpm kdelibs-devel-3.3.1-18.el4.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-devel-3.3.1-18.el4.i386.rpm ia64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.ia64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.ia64.rpm kdelibs-devel-3.3.1-18.el4.ia64.rpm x86_64: kdelibs-3.3.1-18.el4.i386.rpm kdelibs-3.3.1-18.el4.x86_64.rpm kdelibs-debuginfo-3.3.1-18.el4.i386.rpm kdelibs-debuginfo-3.3.1-18.el4.x86_64.rpm kdelibs-devel-3.3.1-18.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): Source: i386: kdelibs-3.5.4-26.el5_7.1.i386.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.i386.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm x86_64: kdelibs-3.5.4-26.el5_7.1.i386.rpm kdelibs-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: i386: kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm x86_64: kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm kdelibs-devel-3.5.4-26.el5_7.1.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: i386: kdelibs-3.5.4-26.el5_7.1.i386.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.i386.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm ia64: kdelibs-3.5.4-26.el5_7.1.ia64.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.ia64.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.ia64.rpm kdelibs-devel-3.5.4-26.el5_7.1.ia64.rpm ppc: kdelibs-3.5.4-26.el5_7.1.ppc.rpm kdelibs-3.5.4-26.el5_7.1.ppc64.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.ppc.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.ppc.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.ppc64.rpm kdelibs-devel-3.5.4-26.el5_7.1.ppc.rpm kdelibs-devel-3.5.4-26.el5_7.1.ppc64.rpm s390x: kdelibs-3.5.4-26.el5_7.1.s390.rpm kdelibs-3.5.4-26.el5_7.1.s390x.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.s390x.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.s390.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.s390x.rpm kdelibs-devel-3.5.4-26.el5_7.1.s390.rpm kdelibs-devel-3.5.4-26.el5_7.1.s390x.rpm x86_64: kdelibs-3.5.4-26.el5_7.1.i386.rpm kdelibs-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-apidocs-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.i386.rpm kdelibs-debuginfo-3.5.4-26.el5_7.1.x86_64.rpm kdelibs-devel-3.5.4-26.el5_7.1.i386.rpm kdelibs-devel-3.5.4-26.el5_7.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: i386: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm x86_64: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: i386: kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm noarch: kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm x86_64: kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v.6): Source: noarch: kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm x86_64: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: i386: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm ppc64: kdelibs3-3.5.10-24.el6_1.1.ppc.rpm kdelibs3-3.5.10-24.el6_1.1.ppc64.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.ppc.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.ppc64.rpm kdelibs3-devel-3.5.10-24.el6_1.1.ppc.rpm kdelibs3-devel-3.5.10-24.el6_1.1.ppc64.rpm s390x: kdelibs3-3.5.10-24.el6_1.1.s390.rpm kdelibs3-3.5.10-24.el6_1.1.s390x.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.s390.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.s390x.rpm kdelibs3-devel-3.5.10-24.el6_1.1.s390.rpm kdelibs3-devel-3.5.10-24.el6_1.1.s390x.rpm x86_64: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: noarch: kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: i386: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm x86_64: kdelibs3-3.5.10-24.el6_1.1.i686.rpm kdelibs3-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.i686.rpm kdelibs3-debuginfo-3.5.10-24.el6_1.1.x86_64.rpm kdelibs3-devel-3.5.10-24.el6_1.1.i686.rpm kdelibs3-devel-3.5.10-24.el6_1.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: noarch: kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://access.redhat.com/security/cve/CVE-2011-3365 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOnxBkXlSAg2UNWIIRAjsbAJ9CUYbH01NXMf2Q+ILae3M3feiQKgCeMFdP i6P2rmJwrBUTq8lzJlRmIoc=P4L9 -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Recent updates to the kdelibs and kdelibs3 packages for Red Hat address a significant security vulnerability. For further details about this update, click here.. Red Hat Enterprise,kdelibs update,security impact,SSL flaw,moderate threat. . LinuxSecurity.com Team

Calendar 2 Oct 19, 2011 Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryDoSRed Hat Enterprise Linux

Red Hat: RHSA-2009:1128-01 Important: kdelibs CSS Parsing DoS

Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: kdelibs security update Advisory ID: RHSA-2009:1128-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2009:1128.html Issue date: 2009-06-25 CVE Names: CVE-2009-1698 ==================================================================== 1. Summary: Updated kdelibs packages that fix one security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: The kdelibs packages provide libraries for the K Desktop Environment (KDE). A flaw was found in the way the KDE CSS parser handled content for the CSS "style" attribute. A remote attacker could create a specially-crafted CSS equipped HTML page, which once visited by an unsuspecting user, could cause a denial of service (Konqueror crash) or, potentially, execute arbitrary code with the privileges of the user running Konqueror. (CVE-2009-1698) Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted (log out, then log back in) for this update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to applythis update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 506469 - CVE-2009-1698 kdelibs: KHTML CSS parser - incorrect handling CSS "style" attribute content (DoS, ACE) 6. Package List: Red Hat Enterprise Linux AS version 3: Source: i386: kdelibs-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-devel-3.1.3-6.13.i386.rpm ia64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.ia64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.ia64.rpm kdelibs-devel-3.1.3-6.13.ia64.rpm ppc: kdelibs-3.1.3-6.13.ppc.rpm kdelibs-3.1.3-6.13.ppc64.rpm kdelibs-debuginfo-3.1.3-6.13.ppc.rpm kdelibs-debuginfo-3.1.3-6.13.ppc64.rpm kdelibs-devel-3.1.3-6.13.ppc.rpm s390: kdelibs-3.1.3-6.13.s390.rpm kdelibs-debuginfo-3.1.3-6.13.s390.rpm kdelibs-devel-3.1.3-6.13.s390.rpm s390x: kdelibs-3.1.3-6.13.s390.rpm kdelibs-3.1.3-6.13.s390x.rpm kdelibs-debuginfo-3.1.3-6.13.s390.rpm kdelibs-debuginfo-3.1.3-6.13.s390x.rpm kdelibs-devel-3.1.3-6.13.s390x.rpm x86_64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.x86_64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.x86_64.rpm kdelibs-devel-3.1.3-6.13.x86_64.rpm Red Hat Desktop version 3: Source: i386: kdelibs-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-devel-3.1.3-6.13.i386.rpm x86_64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.x86_64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.x86_64.rpm kdelibs-devel-3.1.3-6.13.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: i386: kdelibs-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-devel-3.1.3-6.13.i386.rpm ia64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.ia64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.ia64.rpm kdelibs-devel-3.1.3-6.13.ia64.rpm x86_64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.x86_64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.x86_64.rpm kdelibs-devel-3.1.3-6.13.x86_64.rpm Red Hat Enterprise Linux WS version3: Source: i386: kdelibs-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-devel-3.1.3-6.13.i386.rpm ia64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.ia64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.ia64.rpm kdelibs-devel-3.1.3-6.13.ia64.rpm x86_64: kdelibs-3.1.3-6.13.i386.rpm kdelibs-3.1.3-6.13.x86_64.rpm kdelibs-debuginfo-3.1.3-6.13.i386.rpm kdelibs-debuginfo-3.1.3-6.13.x86_64.rpm kdelibs-devel-3.1.3-6.13.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2009-1698 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2009 Red Hat, Inc. . Important kdelibs security patch for Red Hat mitigates DoS vulnerability via CSS interpretation issue; prompt installation recommended.. kdelibs security, Red Hat advisory, CSS parser issue, Linux update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 25, 2009 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycritical issueFedora Core

Fedora Core 4: 2006-383 Critical Update - kdelibs 3.5.2

update to KDE 3.5.2. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-383 2006-04-18 ---------------------------------------------------------------------Product : Fedora Core 4 Name : kdelibs Version : 3.5.2 Release : 0.1.fc4 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ---------------------------------------------------------------------Update Information: update to KDE 3.5.2 ---------------------------------------------------------------------* Fri Apr 7 2006 Than Ngo 6:3.5.2-0.1.fc4 - update to 3.5.2 ---------------------------------------------------------------------This update can be downloaded from: b41f7694654be41526c0cfacae7af44bde31b303 SRPMS/kdelibs-3.5.2-0.1.fc4.src.rpm ae078927c8f936f68da47e15e9f4bba2499db257 ppc/kdelibs-3.5.2-0.1.fc4.ppc.rpm 1a0103ff9dd9ceb63d7edafdfa7e26b5a6326d85 ppc/kdelibs-devel-3.5.2-0.1.fc4.ppc.rpm b4d32ac233d6ca1d4e32db1d315abfcf6205f00a ppc/debug/kdelibs-debuginfo-3.5.2-0.1.fc4.ppc.rpm 9841769c0d8b920271527e6b6099fcb04930984b x86_64/kdelibs-3.5.2-0.1.fc4.x86_64.rpm 015524fb24c174cfb96d9c28257087b9a0de7dcd x86_64/kdelibs-devel-3.5.2-0.1.fc4.x86_64.rpm ddbfa6f7956875dc48f6f62887d712496c90a540 x86_64/debug/kdelibs-debuginfo-3.5.2-0.1.fc4.x86_64.rpm c45379e78db14b89bfe0cdb6193f0c83148ee2c8 i386/kdelibs-3.5.2-0.1.fc4.i386.rpm 9f71631610b6ddaca5846bf16f576fabe101320e i386/kdelibs-devel-3.5.2-0.1.fc4.i386.rpm 4c85674b9c33dba365201582c4c1e02d5d3c54f6 i386/debug/kdelibs-debuginfo-3.5.2-0.1.fc4.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the commandline. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . The kdelibs 3.5.2 update addresses various concerns for Fedora Core 4. Acquire essential upgrades and enhancements.. KDE Libraries, Fedora Updates, kdelibs 3.5.2. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 18, 2006 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorybuffer overflowDebian

Debian 10: DEBIAN-2023-016 High: KDE Plasma Heap Corruption

A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious web site containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-050 2006-01-20 ---------------------------------------------------------------------Product : Fedora Core 4 Name : kdelibs Version : 3.5.0 Release : 0.4.fc4 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ---------------------------------------------------------------------Update Information: A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious web site containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The Common Vulnerabilities and Exposures project assigned the name CVE-2006-0019 to this issue. Users of KDE should upgrade to these updated packages, which contain a backported patch from the KDE security team correcting this issue ---------------------------------------------------------------------* Wed Jan 18 2006 Than Ngo 3.5.0-0.4.fc4 - apply patch to fix a printing problem - add requires on iceauth#176571 * Wed Jan 11 2006 Karsten Hopp 6:3.5.0-0.3.fc4 - fix kjs encodeuri/decodeuri heap overflow vulnerability, CVE-2006-0019 ---------------------------------------------------------------------This update can be downloaded from: db86b76009dfd868772600e2b643197fd7d7be1a SRPMS/kdelibs-3.5.0-0.4.fc4.src.rpm 93b3eada75276675171f62e8f82602fc9d4174e8 ppc/kdelibs-3.5.0-0.4.fc4.ppc.rpm eaa612bac27317b96a0c88d6f122a8595acb1b7a ppc/kdelibs-devel-3.5.0-0.4.fc4.ppc.rpm 81d47e47869fceaba8a83207577e7e88eadd7eb4 ppc/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.ppc.rpm e57159f6621915c22645ce3e35dfb34d9e1e8e80 x86_64/kdelibs-3.5.0-0.4.fc4.x86_64.rpm 5558a0aeda509ec10a618c0a7e44532bced642da x86_64/kdelibs-devel-3.5.0-0.4.fc4.x86_64.rpm 8e0602b9f6f2b307b8317acad389c72e68110b2a x86_64/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.x86_64.rpm ba4d3840f602dedb774231eb821fd6dcbe73e3cf i386/kdelibs-3.5.0-0.4.fc4.i386.rpm 86d01df92bfc26b56e1dfba9f196c2d6aacf1ef8 i386/kdelibs-devel-3.5.0-0.4.fc4.i386.rpm 397f3f220aa17b36ada0a165b31d225f5fd6580d i386/debug/kdelibs-debuginfo-3.5.0-0.4.fc4.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A patch for kdelibs addresses a memory overflow vulnerability in KDE's JavaScript engine, boosting overall system safety.. kdelibs, heap overflow, JavaScript execution, Debian update, KDE security. . LinuxSecurity.com Team

Calendar 2 Jan 27, 2006 Fedora
Banner 2 1028x280 1708121730 1 1771599631
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisoryhttpd updatekdelibs update

Scientific Linux: 2005:640-02 High: Kdelibs Vulnerability Patch

Moderate: kdelibs security update. Date: Thu, 28 Jul 2005 17:34:36 -0500 Reply-To: Connie Sieh Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: ERRATA for SL 40 i386 now available Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. The following ERRATA for SL 40 i386 are now available from: Synopsis: Important: fetchmail security update Advisory ID: RHSA-2005:640-01 CVE Names: CAN-2005-2335 fetchmail-6.2.5-6.el4.2.i386.rpm Synopsis: Moderate: httpd security update Advisory ID: RHSA-2005:582-01 CVE Names: CAN-2005-1268 CAN-2005-2088 httpd-2.0.52-12.1.ent.i386.rpm httpd-devel-2.0.52-12.1.ent.i386.rpm httpd-manual-2.0.52-12.1.ent.i386.rpm httpd-suexec-2.0.52-12.1.ent.i386.rpm mod_ssl-2.0.52-12.1.ent.i386.rpm Synopsis: Moderate: kdelibs security update Advisory ID: RHSA-2005:612-01 CVE Names: CAN-2005-1920 kdelibs-3.3.1-3.11.i386.rpm kdelibs-devel-3.3.1-3.11.i386.rpm -Connie Sieh . Keep abreast of the current security updates for Scientific Linux 40, particularly those pertaining to fetchmail and httpd.. Security Advisory, Scientific Linux, HTTPD Update, Fetchmail Update, Kdelibs Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 28, 2005 Important Scientific Linux
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Enterprise Linuxmoderate severity

Red Hat: 2005:307-01 Moderate: kdelibs Local DoS Update Advisory

Updated kdelibs packages that fix a local denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: kdelibs security update Advisory ID: RHSA-2005:307-01 Advisory URL: https://access.redhat.com/errata/RHSA-2005:307.html Issue date: 2005-04-06 Updated on: 2005-04-06 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0396 - ---------------------------------------------------------------------1. Summary: Updated kdelibs packages that fix a local denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The kdelibs package provides libraries for the K Desktop Environment. Sebastian Krahmer discovered a flaw in dcopserver, the KDE Desktop Communication Protocol (DCOP) daemon. A local user could use this flaw to stall the DCOP authentication process, affecting any local desktop users and causing a reduction in their desktop functionality. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0396 to this issue. Users of KDE should upgrade to these erratum packages, which contain backported patches to correct these issues. 4. Solution: Before applying thisupdate, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 151373 - CAN-2005-0396 kdelibs DCOP DoS 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: d2db7c95084c274c3269f7fa0c426d52 kdelibs-2.2.2-17.src.rpm i386: 91b38b21c1616e31e3093f7588c886c9 arts-2.2.2-17.i386.rpm 6b6c1d4a8384b8a9765c9ef1bdd838c5 kdelibs-2.2.2-17.i386.rpm ea2c5eb51e9811ac2db97bf51402b27b kdelibs-devel-2.2.2-17.i386.rpm a18c68556f859a1c06de48c9ff7a5e15 kdelibs-sound-2.2.2-17.i386.rpm 65823c5b10cb929e5b87145998ec1f7b kdelibs-sound-devel-2.2.2-17.i386.rpm ia64: 4b4cfa267505957d829205eb46acd367 arts-2.2.2-17.ia64.rpm 3388dec578af11d94481b4431a6094c1 kdelibs-2.2.2-17.ia64.rpm e2bbd0539ccae8148d6e5ca8bd9c21b0 kdelibs-devel-2.2.2-17.ia64.rpm ac827ab14483b614168e4ba691d7025f kdelibs-sound-2.2.2-17.ia64.rpm d8f040899c985487a8cf07a6606122bb kdelibs-sound-devel-2.2.2-17.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: d2db7c95084c274c3269f7fa0c426d52 kdelibs-2.2.2-17.src.rpm ia64: 4b4cfa267505957d829205eb46acd367 arts-2.2.2-17.ia64.rpm 3388dec578af11d94481b4431a6094c1 kdelibs-2.2.2-17.ia64.rpm e2bbd0539ccae8148d6e5ca8bd9c21b0 kdelibs-devel-2.2.2-17.ia64.rpm ac827ab14483b614168e4ba691d7025f kdelibs-sound-2.2.2-17.ia64.rpm d8f040899c985487a8cf07a6606122bb kdelibs-sound-devel-2.2.2-17.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: d2db7c95084c274c3269f7fa0c426d52 kdelibs-2.2.2-17.src.rpm i386: 91b38b21c1616e31e3093f7588c886c9 arts-2.2.2-17.i386.rpm 6b6c1d4a8384b8a9765c9ef1bdd838c5 kdelibs-2.2.2-17.i386.rpm ea2c5eb51e9811ac2db97bf51402b27b kdelibs-devel-2.2.2-17.i386.rpm a18c68556f859a1c06de48c9ff7a5e15 kdelibs-sound-2.2.2-17.i386.rpm 65823c5b10cb929e5b87145998ec1f7b kdelibs-sound-devel-2.2.2-17.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: d2db7c95084c274c3269f7fa0c426d52 kdelibs-2.2.2-17.src.rpm i386: 91b38b21c1616e31e3093f7588c886c9 arts-2.2.2-17.i386.rpm 6b6c1d4a8384b8a9765c9ef1bdd838c5 kdelibs-2.2.2-17.i386.rpm ea2c5eb51e9811ac2db97bf51402b27b kdelibs-devel-2.2.2-17.i386.rpm a18c68556f859a1c06de48c9ff7a5e15 kdelibs-sound-2.2.2-17.i386.rpm 65823c5b10cb929e5b87145998ec1f7b kdelibs-sound-devel-2.2.2-17.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: 3cfb3f1e237311cc804e9c2da463981a kdelibs-3.1.3-6.10.src.rpm i386: b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 5849126531c9b1aa9dbdfa0a458830b1 kdelibs-devel-3.1.3-6.10.i386.rpm ia64: 1871487863103c38bcd2366eb950dc2c kdelibs-3.1.3-6.10.ia64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm b09d068aa5130d81916ac52ba60dc9f5 kdelibs-devel-3.1.3-6.10.ia64.rpm ppc: f073759687671815506292d5a4c06e98 kdelibs-3.1.3-6.10.ppc.rpm 0fc3fb75ead874a49c42c5aedd49717b kdelibs-3.1.3-6.10.ppc64.rpm d22ea5aca6336d108aa266a566f3057f kdelibs-devel-3.1.3-6.10.ppc.rpm s390: 306e431bbf37219159e0e991bca012f4 kdelibs-3.1.3-6.10.s390.rpm 9fa18bbc79edc950e572508414bc325d kdelibs-devel-3.1.3-6.10.s390.rpm s390x: d7ad6b92ae64ea5ff868d64dfbea3681 kdelibs-3.1.3-6.10.s390x.rpm 306e431bbf37219159e0e991bca012f4 kdelibs-3.1.3-6.10.s390.rpm e5c635aa63dab730bd8b3536fb6c57c2 kdelibs-devel-3.1.3-6.10.s390x.rpm x86_64: c298a2e00c5a1905b8e7e884c644d664 kdelibs-3.1.3-6.10.x86_64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 8a049458fbfe3ab8ba838bc5ccafc20b kdelibs-devel-3.1.3-6.10.x86_64.rpm Red Hat Desktop version 3: SRPMS: 3cfb3f1e237311cc804e9c2da463981a kdelibs-3.1.3-6.10.src.rpm i386: b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 5849126531c9b1aa9dbdfa0a458830b1 kdelibs-devel-3.1.3-6.10.i386.rpm x86_64: c298a2e00c5a1905b8e7e884c644d664 kdelibs-3.1.3-6.10.x86_64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 8a049458fbfe3ab8ba838bc5ccafc20b kdelibs-devel-3.1.3-6.10.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: 3cfb3f1e237311cc804e9c2da463981a kdelibs-3.1.3-6.10.src.rpm i386: b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 5849126531c9b1aa9dbdfa0a458830b1 kdelibs-devel-3.1.3-6.10.i386.rpm ia64: 1871487863103c38bcd2366eb950dc2c kdelibs-3.1.3-6.10.ia64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm b09d068aa5130d81916ac52ba60dc9f5 kdelibs-devel-3.1.3-6.10.ia64.rpm x86_64: c298a2e00c5a1905b8e7e884c644d664 kdelibs-3.1.3-6.10.x86_64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 8a049458fbfe3ab8ba838bc5ccafc20b kdelibs-devel-3.1.3-6.10.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: 3cfb3f1e237311cc804e9c2da463981a kdelibs-3.1.3-6.10.src.rpm i386: b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 5849126531c9b1aa9dbdfa0a458830b1 kdelibs-devel-3.1.3-6.10.i386.rpm ia64: 1871487863103c38bcd2366eb950dc2c kdelibs-3.1.3-6.10.ia64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm b09d068aa5130d81916ac52ba60dc9f5 kdelibs-devel-3.1.3-6.10.ia64.rpm x86_64: c298a2e00c5a1905b8e7e884c644d664 kdelibs-3.1.3-6.10.x86_64.rpm b5d72f35d741ffbd4ad7312bae417735 kdelibs-3.1.3-6.10.i386.rpm 8a049458fbfe3ab8ba838bc5ccafc20b kdelibs-devel-3.1.3-6.10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-CAN-2005-0396 8. Contact: The Red Hat security contact is . More contact detailsat https://access.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. . Significant kdelibs patch released for Red Hat addressing local denial of service vulnerabilities impacting desktop environments.. Red Hat Security,kdelibs Update,Denial Of Service,Linux Packages. . LinuxSecurity.com Team

Calendar 2 Apr 06, 2005 Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorycriticalRed Hat Enterprise Linux

Red Hat Enterprise Linux 3: RHSA-2004:222-01 Critical: kdelibs URI Issues

Updated kdelibs packages that fix telnet URI handler and mailto URI handler file vulnerabilities are now available.. Red Hat Security Advisory Synopsis: Updated kdelibs packages resolve URI security issues Advisory ID: RHSA-2004:222-01 Issue date: 2004-05-17 Updated on: 2004-05-17 Product: Red Hat Enterprise Linux Keywords: Cross references: Obsoletes: RHSA-2004:074 CVE Names: CAN-2004-0411 - --------------------------------------------------------------------- 1. Topic: Updated kdelibs packages that fix telnet URI handler and mailto URI handler file vulnerabilities are now available. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The kdelibs packages include libraries for the K Desktop Environment. KDE Libraries include: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). Konqueror is a file manager and Web browser for the K Desktop Environment (KDE). iDEFENSE identified a vulnerability in the Opera web browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found two similar vulnerabilities that also exist in KDE. A flaw in the telnet URI handler may allow options to be passed to the telnet program, resulting in creation or replacement of files. An attacker could create a carefully crafted link such that when opened by a victim it creates or overwrites a file withthe victim's permissions. A flaw in the mailto URI handler may allow options to be passed to the kmail program. These options could cause kmail to write to the file system or to run on a remote X display. An attacker could create a carefully crafted link in such a way that access may be obtained to run arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0411 to these issues. Note: Red Hat Enterprise Linux 2.1 is only vulnerable to the mailto URI flaw as a previous update shipped without a telnet.protocol file. All users of KDE are advised to upgrade to these erratum packages, which contain a backported patch for these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://access.redhat.com 5. Bug IDs fixed ( for more info): 123232 - CAN-2004-0411 URI filtering vulnerability 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version2.1: SRPMS: i386: Available from Red Hat Network: arts-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-devel-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-devel-2.2.2-11.i386.rpm ia64: Available from Red Hat Network: arts-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-devel-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-sound-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-sound-devel-2.2.2-11.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ia64: Available from Red Hat Network: arts-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-devel-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-sound-2.2.2-11.ia64.rpm Available from Red Hat Network: kdelibs-sound-devel-2.2.2-11.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: i386: Available from Red Hat Network: arts-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-devel-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-devel-2.2.2-11.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: i386: Available from Red Hat Network: arts-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-devel-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-2.2.2-11.i386.rpm Available from Red Hat Network: kdelibs-sound-devel-2.2.2-11.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: i386: Available from Red Hat Network: kdelibs-3.1.3-6.4.i386.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.i386.rpm ia64: Available from Red Hat Network: kdelibs-3.1.3-6.4.ia64.rpm Available from Red Hat Network:kdelibs-devel-3.1.3-6.4.ia64.rpm ppc: Available from Red Hat Network: kdelibs-3.1.3-6.4.ppc.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.ppc.rpm s390: Available from Red Hat Network: kdelibs-3.1.3-6.4.s390.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.s390.rpm s390x: Available from Red Hat Network: kdelibs-3.1.3-6.4.s390x.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.s390x.rpm x86_64: Available from Red Hat Network: kdelibs-3.1.3-6.4.x86_64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.x86_64.rpm Red Hat Desktop version 3: SRPMS: i386: Available from Red Hat Network: kdelibs-3.1.3-6.4.i386.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.i386.rpm x86_64: Available from Red Hat Network: kdelibs-3.1.3-6.4.x86_64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: i386: Available from Red Hat Network: kdelibs-3.1.3-6.4.i386.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.i386.rpm ia64: Available from Red Hat Network: kdelibs-3.1.3-6.4.ia64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.ia64.rpm x86_64: Available from Red Hat Network: kdelibs-3.1.3-6.4.x86_64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: i386: Available from Red Hat Network: kdelibs-3.1.3-6.4.i386.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.i386.rpm ia64: Available from Red Hat Network: kdelibs-3.1.3-6.4.ia64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.ia64.rpm x86_64: Available from Red Hat Network: kdelibs-3.1.3-6.4.x86_64.rpm Available from Red Hat Network: kdelibs-devel-3.1.3-6.4.x86_64.rpm 7. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- 240c6505acec2356220b76477de9cfe9 arts-2.2.2-11.i386.rpm 45647631fb31fccd8de357dfb7285a69arts-2.2.2-11.ia64.rpm c7d1747dea5001e2de47ed6a278def66 kdelibs-2.2.2-11.i386.rpm aadc9d79bddbaac5e8c0adf287b06405 kdelibs-2.2.2-11.ia64.rpm e4f2075b6f80f7dc855d786816634e44 kdelibs-2.2.2-11.src.rpm 710fb1f4089e86101e95292564625387 kdelibs-3.1.3-6.4.i386.rpm 438ef0cd01e512e1822eb819cde5f405 kdelibs-3.1.3-6.4.ia64.rpm 6b9095e86b9698606d1def4b24c1c7af kdelibs-3.1.3-6.4.ppc.rpm d43e989c92cf19ff5cf5ea84f13937f1 kdelibs-3.1.3-6.4.s390.rpm 0abe3254d8fcd1f55bd6dea9bb32b4f1 kdelibs-3.1.3-6.4.s390x.rpm 5a8bcb4feb3e4fa9a2cc646eb6321c83 kdelibs-3.1.3-6.4.src.rpm 7561fc225c179a046e7a2fbe85e56123 kdelibs-3.1.3-6.4.x86_64.rpm f0c464c5cbca39beada246396d90adc8 kdelibs-devel-2.2.2-11.i386.rpm 54546bdd2f2d9849119533ca1bb0cfcf kdelibs-devel-2.2.2-11.ia64.rpm 5a7c254d028fa2ec3a3e4bf1cc7ee989 kdelibs-devel-3.1.3-6.4.i386.rpm 57ba2bdf60aa052d1fb0ca4df4295580 kdelibs-devel-3.1.3-6.4.ia64.rpm beb3ebde3ba83c40d5991b3d57e0434b kdelibs-devel-3.1.3-6.4.ppc.rpm 38e2c6995f70cecec99e2460d76aeb30 kdelibs-devel-3.1.3-6.4.s390.rpm 7d45ff3567e12259f58f1a082d5a4ad4 kdelibs-devel-3.1.3-6.4.s390x.rpm 2d9da6a96c40c2d0956ed5692860b2ca kdelibs-devel-3.1.3-6.4.x86_64.rpm 24767eda2c7bc7c3dedec88ab1cef637 kdelibs-sound-2.2.2-11.i386.rpm a6a516b72e2666a246c657868b31cdc4 kdelibs-sound-2.2.2-11.ia64.rpm 305b3988acb971e46d0cfc76d41efbdf kdelibs-sound-devel-2.2.2-11.i386.rpm 7e65d97bf1f95241d21a7f2bd853d5ec kdelibs-sound-devel-2.2.2-11.ia64.rpm These packages are GPG signed by Red Hat for security. Our key is available from You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 8. References: kde CVE -CVE-2004-0411 9. Contact: The Red Hat security contact is . More contact details at Copyright 2004 Red Hat, Inc. . Critical updates available for kdelibs packages to resolve URI handler security issues on Red Hat systems.. kdelibs Update, Red HatAdvisory, URI Handler Issues, Security Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 18, 2004 Critical Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here