LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Slackware alert SSA:2006-045-05 (kdelibs)



From:
    	      Slackware Security Team <security@slackware.com>


To:
    	      slackware-security@slackware.com


Subject:
    	      [slackware-security]  kdelibs (SSA:2006-045-05)


Date:
    	      Tue, 14 Feb 2006 16:33:24 -0800 (PST)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  kdelibs (SSA:2006-045-05)

New kdelibs packages are available for Slackware 10.0, 10.1, 
and 10.2 to fix a security issue with kjs.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0019

Additional information may be found on the KDE website:

  http://www.kde.org/info/security/advisory-20060119-1.txt


Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/kdelibs-3.4.2-i486-2.tgz:  Patched a heap overflow
  vulnerability in kjs, the JavaScript interpreter engine used by
  Konqueror and other parts of KDE.
  For more information, see:
    http://www.kde.org/info/security/advisory-20060119-1.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0019
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patc...

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patc...

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patc...


MD5 signatures:
+-------------+

Slackware 10.0 package:
e16976b57ea2e41520ebd986eba3aab4  kdelibs-3.2.3-i486-3.tgz

Slackware 10.1 package:
9d04a303202670c6698d4c8582bdf7b2  kdelibs-3.3.2-i486-3.tgz

Slackware 10.2 package:
903e2dc4ca1882e021a7223bf4a25d0c  kdelibs-3.4.2-i486-2.tgz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg kdelibs-3.4.2-i486-2.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFD8ndGakRjwEAQIjMRAuoEAJ9/Bt+MmeN8cb6ofXSDbGyMglgRIwCbBWl1
Og1iuJyEVkgSvz66KBqRpos=
=TTOC
-----END PGP SIGNATURE-----
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds