Friday's security updates

Fedora has updated ikiwiki (F14, F13: cross-site scripting), F14: gthumb (HTML injection), F14: gpscorrelate (HTML injection), F14: immix (HTML injection), F14: gipfel (HTML injection), F14: kdeaccessibility (HTML injection), F14: kdebase (HTML injection), F14: kdeartwork (HTML injection), F14: kdebase-runtime (HTML injection), F14: kdelibs (HTML injection), F14: kdegraphics (HTML injection), F14: darktable (HTML injection), F14: kphotoalbum (HTML injection), F14: kdenetwork (HTML injection), F14: kdegames (HTML injection), F14: strigi (HTML injection), F14: exiv2 (HTML injection), F14: hugin (HTML injection), F14: kdeplasma-addons (HTML injection), F14: kde-l10n (HTML injection), F14: geeqie (HTML injection), F14: shotwell (HTML injection), F14: gnome-commander (HTML injection), F14: oxygen-icon-theme (HTML injection), F14: kdeutils (HTML injection), F14: libextractor (HTML injection), F14: qtpfsgui (HTML injection), F14: kdesdk (HTML injection), F14: kdepimlibs (HTML injection), F14: krename (HTML injection), F14: kdeadmin (HTML injection), F14: rawstudio (HTML injection), F14: koffice (HTML injection), F14: kdebindings (HTML injection), F14: merkaartor (HTML injection), F14: pyexiv (HTML injection), F14: kdeedu (HTML injection), F14: ufraw (HTML injection), F14: kdemultimedia (HTML injection), F14: kdetoys (HTML injection), F14: libgexiv (HTML injection), and F14: kdebase-workspace (HTML injection).

Mandriva has updated krb5 (arbitrary code execution).

openSUSE has updated postfix (TLS plaintext injection).

Slackware has updated rdesktop (directory traversal).

Comments (6 posted)