LWN.net Logo

kde: weak passwords generated by PasteMacroExpander

Package(s):kde CVE #(s):CVE-2013-2120
Created:June 12, 2013 Updated:June 17, 2013
Description: From the Red Hat bugzilla:

A security flaw was found in the way PasteMacroExpander of paste applet of kdeplasma-addons, a suite of additional plasmoids for KDE desktop environment, performed password generation / derivation for user provided string. An attacker could use this flaw to obtain plaintext form of such a password (possibly leading to their subsequent ability for unauthorized access to a service / resource, intended to be protected by such a password).

Alerts:
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10130 2013-06-12
Fedora FEDORA-2013-10182 2013-06-16

(Log in to post comments)

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 5:45 UTC (Thu) by remmy (subscriber, #4400) [Link]

I wish Fedora would issue an advisory for this...

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 7:18 UTC (Thu) by rahulsundaram (subscriber, #21946) [Link]

what do you mean?

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 20:48 UTC (Thu) by jimparis (subscriber, #38647) [Link]

That was surely sarcasm, given that this post links to nearly 150 such advisories already.

Does the buggy code really show up in this many binary packages? If so, why?!! Or is it just that all of these packages are built from the same source tree?

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 20:53 UTC (Thu) by rahulsundaram (subscriber, #21946) [Link]

The Fedora KDE team has published an update to the latest KDE bugfix release in the series which includes this security fix and since Bodhi, the Fedora update system was used to collectively push all these updates together for inter dependencies, marking it as a security update tags all of these updates as security fixes.

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 17:22 UTC (Thu) by rriggs (subscriber, #11598) [Link]

Someone fell asleep at the keyboard again, this time while holding down ctrl-V.

kde: weak passwords generated by PasteMacroExpander

Posted Jun 13, 2013 21:08 UTC (Thu) by pboddie (guest, #50784) [Link]

fedora: superfluous advisories generated by PasteAdvisoryExpander

:-)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds