Pardus alert 2010-108 (rekonq)

From:
    	     
 
Eren Turkay <eren@pardus.org.tr> 
To:
    	     
 
pardus-security@pardus.org.tr 
Subject:
    	     
 
[Pardus-security] [PLSA 2010-108] Rekonq: XSS Vulnerability 
Date:
    	     
 
Thu, 12 Aug 2010 23:05:43 +0300 (EEST)
Message-ID:
    	     
 
<20100812200543.8351FA7AC40@lider.pardus.org.tr>
Archive-link:
    	     
 
Article, Thread
              
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-108           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-11
  Severity: 4
      Type: Local
------------------------------------------------------------------------

Summary
=======

Universal XSS vulnerability has been fixed in Rekonq. 


Description
===========

Universal XSS vulnerability has been fixed in Rekonq. This vulnerability
allows remote attackers to run arbitrary  javascript  code,  which  can 
allow them to extract cookies. 


Affected packages:

  Pardus 2009:
    rekonq, all before 0.5.0-6-3


Resolution
==========

There are update(s) for rekonq. You can update them via Package Manager 
or with a single command from console: 

    pisi up rekonq

References
==========

  * http://bugs.pardus.org.tr/show_bug.cgi?id=13893
  * https://bugs.kde.org/show_bug.cgi?id=217464

------------------------------------------------------------------------

_______________________________________________
Pardus-security mailing list
Pardus-security@pardus.org.tr
http://liste.pardus.org.tr/mailman/listinfo/pardus-security