Fedora alert FEDORA-2012-17388 (kdelibs)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 16 Update: kdelibs-4.8.5-2.fc16 | |
| Date: | Fri, 16 Nov 2012 07:34:58 +0000 | |
| Message-ID: | <20121116073458.F1AAF20F7E@bastion01.phx2.fedoraproject.org> | |
| Archive‑link: | Article |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2012-17388 2012-11-01 00:48:42 -------------------------------------------------------------------------------- Name : kdelibs Product : Fedora 16 Version : 4.8.5 Release : 2.fc16 URL : http://www.kde.org/ Summary : KDE Libraries Description : Libraries for KDE 4. -------------------------------------------------------------------------------- Update Information: - CVE-2012-4515 - Fix crash when trying to reuse a frame with a null part -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 31 2012 Than Ngo <than@redhat.com> - 6:4.8.5-2 - Resolves: CVE-2012-4515, CVE-2012-4514 * Thu Aug 2 2012 Rex Dieter <rdieter@fedoraproject.org> - 6:4.8.5-1 - 4.8.5 * Fri Jul 13 2012 Rex Dieter <rdieter@fedoraproject.org> - 6:4.8.4-8 - CD drive tray goes back in after 'Eject' when dolphin is running (kde#296657, #811609) * Thu Jul 12 2012 Than Ngo <than@redhat.com> - 6:4.8.4-7 - fix kjs to return valid lang (RFC 1766) * Fri Jun 29 2012 Lukáš Tinkl <ltinkl@redhat.com> - 6:4.8.4-6 - sync the udisks2 backend patch * Wed Jun 20 2012 Rex Dieter <rdieter@fedoraproject.org> 6:4.8.4-5 - rebuild (attica) * Thu Jun 14 2012 Than Ngo <than@redhat.com> - 6:4.8.4-4 - fix bz#830178, regression in 4.8.4 * Thu Jun 7 2012 Lukáš Tinkl <ltinkl@redhat.com> - 6:4.8.4-3 - another respin * Wed Jun 6 2012 Than Ngo <than@redhat.com> - 6:4.8.4-2 - respin * Mon Jun 4 2012 Than Ngo <than@redhat.com> - 6:4.8.4-1 - 4.8.4 * Fri May 25 2012 Rex Dieter <rdieter@fedoraproject.org> - 6:4.8.3-4 - include upstream kmessagewidget fixes - apply kdeclarative-install-location.patch * Thu May 24 2012 Lukas Tinkl <ltinkl@redhat.com> - 6:4.8.3-3 - update the udisks2 backend patch, fixing some bugs with storage drives * Thu May 3 2012 Than Ngo <than@redhat.com> - 6:4.8.3-2 - add rhel/fedora condition * Mon Apr 30 2012 Jaroslav Reznik <jreznik@redhat.com> - 6:4.8.3-1 - 4.8.3 - remove cmake implicit link directories patch - remove adblock filter patch - add kdeclarative install location patch * Mon Apr 16 2012 Rex Dieter <rdieter@fedoraproject.org> 6:4.8.2-4 - enable udisks2, +Requires: udisks2 on f18+ too * Mon Apr 16 2012 Lukas Tinkl <ltinkl@redhat.com> - 6:4.8.2-3 - add udisks2 Solid backend plus RHEL conditional * Thu Apr 12 2012 Than Ngo <than@redhat.com> - 6:4.8.2-2 - Load/Update filter lists only when AdBlock is enabled * Fri Mar 30 2012 Jaroslav Reznik <jreznik@redhat.com> - 6:4.8.2-1 - 4.8.2 * Thu Mar 22 2012 Jaroslav Reznik <jreznik@redhat.com> 6:4.8.1-3 - Sonnet crash due to unitialized value access (kde#295615, rhbz#805010) * Tue Mar 13 2012 Rex Dieter <rdieter@fedoraproject.org> 6:4.8.1-2 - Nepomuk::Resource[Data|Watcher] thread-safety (kde#295474) * Mon Mar 5 2012 Radek Novacek <rnovacek@redhat.com> 6:4.8.1-1 - 4.8.1 - Drop upstreamed patches * Tue Feb 28 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 6:4.8.0-5 - Rebuilt for c++ ABI breakage * Sat Feb 18 2012 Rex Dieter <rdieter@fedoraproject.org> 4.8.0-4 - don't set rpath on multiarch dirs (kde review request #103422) * Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 6:4.8.0-3 - Rebuild against PCRE 8.30 * Sat Feb 4 2012 Rex Dieter <rdieter@fedoraproject.org> 6:4.8.0-2 - fix KDE_VERSION_STRING (kde#293204) * Thu Jan 19 2012 Jaroslav Reznik <jreznik@redhat.com> - 6:4.8.0-1 - 4.8.0 * Wed Jan 4 2012 Radek Novacek <rnovacek@redhat.com> - 6:4.7.97-1 - 4.7.97 * Sat Dec 31 2011 Rex Dieter <rdieter@fedoraproject.org> 6:4.7.95-2 - rebuild (attica) * Wed Dec 21 2011 Radek Novacek <rnovacek@redhat.com> - 6:4.7.95-1 - 4.7.95 - drop patch for Plasma::PackageMetadata::read: Match the behavior of KService. * Tue Dec 6 2011 Than Ngo <than@redhat.com> - 4.7.90-2 - add ss390/s390x support in kjs * Sat Dec 3 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.90-1 - 4.7.90 * Thu Dec 1 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.80-3 - disable solid/upnp by default, set env SOLID_UPNP=1 to re-enable (#754530, #758008, kde#259472) * Tue Nov 29 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.80-2 - drop kactivities conditional * Fri Nov 18 2011 Jaroslav Reznik <jreznik@redhat.com> 4.7.80-1 - 4.7.80 (beta 1) * Wed Nov 16 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.3-5 - restore halectomy patch (sans fstab-removing pieces) * Mon Nov 14 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.3-4 - solid hardware does not detect NFS drives, halectomy related (#751879) * Mon Nov 7 2011 Than Ngo <than@redhat.com> - 4.7.3-3 - CVE-2010-0046, security issue in khtml * Fri Nov 4 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.3-2 - no_libkactivities * Sat Oct 29 2011 Rex Dieter <rdieter@fedoraproject.org> 4.7.3-1 - 4.7.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #865831 - CVE-2012-4515 kdelibs: Use-after-free when context menu being used whilst the document DOM is being changed from within JavaScript https://bugzilla.redhat.com/show_bug.cgi?id=865831 [ 2 ] Bug #869681 - CVE-2012-4514 kdelibs (khtml): NULL pointer dereference when trying to reuse a frame with null part https://bugzilla.redhat.com/show_bug.cgi?id=869681 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update kdelibs' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...