The KDE project has issued a couple of security advisories:
- This one describes a cross-site
scripting vulnerability in Konqueror (and any other application which
access other frames which should be inaccessible. This problem is
fixed in kdelibs 3.0.3a.
- The second is for a secure cookie
problem in Konqueror. The "secure" flag in cookies is not recognized,
with the result that "secure" cookes can be transmitted over
unencrypted connections. KDE 3.0.3 fixes the problem.
We will, of course, pass on distributor updates as we receive them.
to post comments)