[MBT] new ticket for pkg kdelibs "Various security problems in KDE; upgrade to 3.1"
bugs at pld.org.pl
bugs at pld.org.pl
Tue Feb 4 12:54:08 CET 2003
Date: 2003-02-04 12:54:08+01 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: Various security problems in KDE; upgrade to 3.1
Ticket ID: #552
Ticket URL: http://bugs.pld.org.pl/?bug=552
Package: kdelibs-6:2.2.2-8
Distribution: PLD-Ra.main
Category: security problem
Current state: opened
Text:
There are various problems with KDE as shipped by PLD:
*)Konquerer secure flag:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1152
*)Cross-Scripting in Konquerer
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1151
http://www.kde.org/info/security/advisory-20020908-2.txt
*)Problems with large figure in Konquerer
http://online.securityfocus.com/bid/5721
And more; see [RHSA-2002:220-40], and a bunch of recent Debian annoucements.
CAN-2002-0838 CAN-2002-0970 CAN-2002-1152 CAN-2002-1151 CAN-2002-1223 CAN-2002-1224 CAN-2002-1247 CAN-2002-1281 CAN-2002-1282 CAN-2002-1306 CAN-2002-1393
These problems hit several parts of kdelibs; thus I filed it against some "base" package
More information about the pld-bugs
mailing list