drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in kdelibs3
| Name: |
Preisgabe von Informationen in kdelibs3 |
|
| ID: |
FEDORA-2013-8717 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 18 |
|
| Datum: |
Mi, 29. Mai 2013, 08:32 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2074 |
|
| Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
Name : kdelibs3
Product : Fedora 18
Version : 3.5.10
Release : 53.fc18
URL : http://www.kde.org/
Summary : KDE 3 Libraries
Description :
Libraries for KDE 3:
KDE Libraries included: kdecore (KDE core library), kdeui (user interface),
kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking),
kspell (spelling checker), jscript (javascript), kab (addressbook),
kimgio (image manipulation).
-------------------------------------------------------------------------------
-
Update Information:
This update fixes a low-impact security issue in the KDE 3 compatibility
(kdelibs3) version of kio_http where it would print passwords contained in HTTP URLs in error and debugging messages (CVE-2013-2074).
-------------------------------------------------------------------------------
-
ChangeLog:
* Sat May 18 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-53
- fix CVE-2013-2074 (passwords in HTTP URLs in error messages, #962001)
* Mon Apr 1 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-52
- use automake --force-missing to get aarch64 support (#925029/#925627)
- also use automake --copy (the default is symlinking)
* Sun Mar 10 2013 Rex Dieter <rdieter@fedoraproject.org> - 3.5.10-51
- rebuild (OpenEXR)
* Sat Mar 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-50
- drop branding hack which breaks kde-config --kde-version
* Sat Mar 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-49
- unify KDE 3 autotools fixes between packages
* Thu Mar 7 2013 Than Ngo <than@redhat.com> - 3.5.10-48
- fix build failture
* Thu Feb 14 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 3.5.10-47
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 3.5.10-46
- rebuild due to "jpeg8-ABI" feature drop
* Tue Dec 25 2012 Kevin Kofler <Kevin@tigcc.ticalc.org> 3.5.10-45
- drop CUPS conditionals, CUPS support must always be built
- backport CUPS 1.6 build fixes from Trinity / Timothy Pearson
* Fri Dec 21 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-44
- disable cups support on f19+ (for now, needs lots 'o love)
* Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 3.5.10-43
- rebuild against new libjpeg
* Thu Dec 20 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-42
- omit ktelnetservice (in favor of kdelibs4's copy)
* Thu Dec 6 2012 Kevin Kofler <Kevin@tigcc.ticalc.org> 3.5.10-41
- omit cupsdconf (F19+), FTBFS with the latest CUPS and not worth fixing
* Tue Dec 4 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-40
- kate has a file conflict with kdelibs3 (#883529)
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #961981 - CVE-2013-2074 kdelibs: prints passwords contained in HTTP
URLs in error messages
https://bugzilla.redhat.com/show_bug.cgi?id=961981
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update kdelibs3' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
