drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Authentiserungsdaten in kdelibs
Name: |
Preisgabe von Authentiserungsdaten in kdelibs
|
|
ID: |
SSA:2003-213-01 |
|
Distribution: |
Slackware |
|
Plattformen: |
Slackware 9.0 |
|
Datum: |
Sa, 2. August 2003, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] KDE packages updated (SSA:2003-213-01)
New KDE packages are available for Slackware 9.0. These address a security issue where Konqueror may leak authentication credentials.
Here are the details from the Slackware 9.0 ChangeLog: +--------------------------+ Fri Aug 1 15:15:51 PDT 2003 patches/packages/kde/*: Upgraded to KDE 3.1.3. Note that this update addresses a security problem in Konqueror which may cause authentication credentials to be leaked to an unintended website through the HTTP-referer header when they have been entered into Konqueror as a URL of the form: http://user:password@host/ For more information about this issue, please see the KDE advisory: http://www.kde.org/info/security/advisory-20030729-1.txt We recommend that sites running KDE install this update. (* Security fix *) patches/packages/kdei/*: New internationalization packages for KDE 3.1.3. +--------------------------+
WHERE TO FIND THE NEW PACKAGES: +-----------------------------+
Updated packages for Slackware 9.0: ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kde/*.tgz ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kdei/*.tgz
These packages are signed with our GPG key: http://slackware.com/gpg-key
INSTALLATION INSTRUCTIONS: +------------------------+
Upgrade using upgradepkg (as root): upgradepkg *.tgz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back. Follow the instructions to | | complete the unsubscription. Do not reply to this message to | | unsubscribe! | +------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/Kv5QakRjwEAQIjMRAmmbAJ0YeK5WuUjzQkkCt72O4R5yRkrVigCdHqWo 1EbU2zkcVZFkZmUSPYtbbpU= =c8IL -----END PGP SIGNATURE-----
|
|
|
|