drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in kdelibs3
Name: |
Preisgabe von Informationen in kdelibs3 |
|
ID: |
FEDORA-2013-8717 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 18 |
|
Datum: |
Mi, 29. Mai 2013, 08:32 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2074 |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
Name : kdelibs3 Product : Fedora 18 Version : 3.5.10 Release : 53.fc18 URL : http://www.kde.org/ Summary : KDE 3 Libraries Description : Libraries for KDE 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation).
------------------------------------------------------------------------------- - Update Information:
This update fixes a low-impact security issue in the KDE 3 compatibility (kdelibs3) version of kio_http where it would print passwords contained in HTTP URLs in error and debugging messages (CVE-2013-2074). ------------------------------------------------------------------------------- - ChangeLog:
* Sat May 18 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-53 - fix CVE-2013-2074 (passwords in HTTP URLs in error messages, #962001) * Mon Apr 1 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-52 - use automake --force-missing to get aarch64 support (#925029/#925627) - also use automake --copy (the default is symlinking) * Sun Mar 10 2013 Rex Dieter <rdieter@fedoraproject.org> - 3.5.10-51 - rebuild (OpenEXR) * Sat Mar 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-50 - drop branding hack which breaks kde-config --kde-version * Sat Mar 9 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 3.5.10-49 - unify KDE 3 autotools fixes between packages * Thu Mar 7 2013 Than Ngo <than@redhat.com> - 3.5.10-48 - fix build failture * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.5.10-47 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 3.5.10-46 - rebuild due to "jpeg8-ABI" feature drop * Tue Dec 25 2012 Kevin Kofler <Kevin@tigcc.ticalc.org> 3.5.10-45 - drop CUPS conditionals, CUPS support must always be built - backport CUPS 1.6 build fixes from Trinity / Timothy Pearson * Fri Dec 21 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-44 - disable cups support on f19+ (for now, needs lots 'o love) * Fri Dec 21 2012 Adam Tkac <atkac redhat com> - 3.5.10-43 - rebuild against new libjpeg * Thu Dec 20 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-42 - omit ktelnetservice (in favor of kdelibs4's copy) * Thu Dec 6 2012 Kevin Kofler <Kevin@tigcc.ticalc.org> 3.5.10-41 - omit cupsdconf (F19+), FTBFS with the latest CUPS and not worth fixing * Tue Dec 4 2012 Rex Dieter <rdieter@fedoraproject.org> 3.5.10-40 - kate has a file conflict with kdelibs3 (#883529) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #961981 - CVE-2013-2074 kdelibs: prints passwords contained in HTTP URLs in error messages https://bugzilla.redhat.com/show_bug.cgi?id=961981 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update kdelibs3' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|