Fedora alert FEDORA-2004-121 (kdelibs)
| From: | Than Ngo <than@redhat.com> | |
| To: | fedora-announce-list@redhat.com | |
| Subject: | [SECURITY] Fedora Core 1 Update: kdelibs-3.1.4-5 | |
| Date: | Mon, 17 May 2004 18:24:02 +0200 |
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-121 2004-05-17 --------------------------------------------------------------------- Name : kdelibs Version : 3.1.4 Release : 5 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). --------------------------------------------------------------------- Update Information: iDEFENSE identified a vulnerability in the Opera Web Browser that could allow remote attackers to create or truncate arbitrary files. The KDE team has found that a similar vulnerability exists in KDE. A flaw in the telnet URL handler can allow options to be passed to the telnet program which can be used to allow file creation or overwriting. An attacker could create a carefully crafted link such that when opened by a victim it creates or overwrites a file in the victims home directory. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0411 to this issue. --------------------------------------------------------------------- * Sun May 16 2004 Than Ngo <than@redhat.com> 6:3.1.4-5 - KDE Telnet URI Handler File Vulnerability, vulnerability in the mailto handler, CAN-2004-0411 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/ 17ef612d8376994d49d775e65f7cf3e2 SRPMS/kdelibs-3.1.4-5.src.rpm 67043b7db880bd1c5a6f6a860e357c3f i386/kdelibs-3.1.4-5.i386.rpm 4d7004becf7fb55a35530c49e77c36b7 i386/kdelibs-devel-3.1.4-5.i386.rpm d2ecc5a35193a30df1fa70bb382bc708 i386/debug/kdelibs-debuginfo-3.1.4-5.i386.rpm 7b91158e81b7291826d5ba614179d706 x86_64/kdelibs-3.1.4-5.x86_64.rpm 6a213815b2584be92ec32da05a985cba x86_64/kdelibs-devel-3.1.4-5.x86_64.rpm b136d3d183e72666f6f56e6a507c10f3 x86_64/debug/kdelibs-debuginfo-3.1.4-5.x86_64.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list mailing list fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list
(Log in to post comments)