drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in kde-workspace
Name: |
Ausführen beliebiger Kommandos in kde-workspace |
|
ID: |
FEDORA-2014-14865 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 19 |
|
Datum: |
Mo, 17. November 2014, 08:08 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8651 |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
Name : kde-workspace Product : Fedora 19 Version : 4.11.14 Release : 1.fc19 URL : https://projects.kde.org/projects/kde/kde-workspace Summary : KDE Workspace Description : The KDE Workspace consists of what is the desktop of the KDE Desktop Environment.
This package contains: * khotkeys (a hotkey daemon) * klipper (a cut & paste history utility) * kmenuedit (the menu editor) * krunner (a command run interface) * kwin (the window manager of KDE) * plasma (the KDE desktop, panels and widgets workspace application) * systemsettings (the configuration editor)
------------------------------------------------------------------------------- - Update Information:
New security fix release, privilege escalation issue, see also https://www.kde.org/info/security/advisory-20141106-1.txt ------------------------------------------------------------------------------- - ChangeLog:
* Tue Nov 11 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.14-1 - 4.11.14 * Thu Oct 16 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.13-2 - -libs: make kde-style-oxygen dep unversioned - enable kscreen support for el7 * Sat Oct 11 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.13-1 - 4.11.13 * Tue Sep 16 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.12-1 - 4.11.12 * Fri Aug 22 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.11-4 - Requires: kactivities (unversioned) * Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.11.11-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Fri Jul 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.11-2.1 - rebuild (f20 against kde-4.13) * Thu Jul 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.11-2 - -libs: drop Requires: kde-workspace * Sat Jul 12 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.11-1 - 4.11.11 * Sat Jul 5 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.11.10-8 - backport upstream patch to fix choppy fullscreen with OpenGL compositing on the latest xorg-x11-drv-intel driver from KWin 5 (kde#336589, fdo#80349) * Thu Jul 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-7 - QT_PLUGIN_PATH contains repeated paths (#1115268) * Wed Jul 2 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-6 - BuildConflicts: nepomuk-core-devel * Thu Jun 19 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-5 - BR: kdelibs4-webkit-devel * Wed Jun 11 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-4 - revert patch for "Fix ... cut off ... in digital clock" * Wed Jun 11 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-3 - Fix the numbers cut off problem in digital clock applet (kde#228902) * Sun Jun 8 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-2 - respin * Sat Jun 7 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.10-1 - 4.11.10 * Fri May 2 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.9-4 - backports++ (kdm crasher in particular) * Thu May 1 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.9-3 - backport some post-4.11.9 upstream commits * Tue Apr 29 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.9-2 - respin * Fri Apr 25 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.9-1 - 4.11.9 * Thu Apr 24 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-7 - another batch of upstream commits, including final versions of screenlocker fixes * Tue Apr 22 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-6 - pull in proposed screenlocker fixes (kde#224200, kde#327947, kde#329076) * Sat Apr 19 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-5 - plasma-dataengine-extractor love - move calendar dataengine to -akonadi subpkg (currently unused) * Mon Apr 14 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-4 - disable nepomuk support (kde-4.13, f21+) * Mon Apr 14 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-3 - startkde.cmake: PAM_KWALLET_LOGIN typo * Fri Apr 11 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-2 - pull in some post 4.11.8 commits - ... namely adds support for pam-kwallet and XDG_CURRENT_DESKTOP * Thu Apr 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.8-1 - 4.11.8 * Tue Mar 25 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.11.7-6 - bbcukmet: fix processing of weather conditions (regression in -5) * Mon Mar 24 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.11.7-5 - bbcukmet: fix typo in the condition->icon matching ("clar sky" -> "clear sky") - bbcukmet: fix a crash (#1079296/kde#332392) and improve error handling * Sat Mar 15 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.11.7-4 - apply fixes for kde#330773 (BBC weather no longer working) from bugs.kde.org * Thu Mar 13 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.11.7-3 - do not mess with XDG_DATA_DIR in startkde, fixes default apps (kde#332107) - change the startkde patch to a modified copy to prevent more such regressions * Fri Mar 7 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.11.7-2 - pull in some upstream fixes - drop f18-related (systemd) hacks * Fri Feb 28 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.7-1 - 4.11.7 * Wed Feb 26 2014 Lukáš Tinkl <ltinkl@redhat.com> 4.11.6-3 - fix broken suspend/resume with systemd >= 209 (kdebug331403) * Thu Feb 6 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.6-2 - fix runtime deps (%version vs. %_kde4_version) * Fri Jan 31 2014 Rex Dieter <rdieter@fedoraproject.org> - 4.11.6-1 - 4.11.6 * Mon Jan 27 2014 Adam Jackson <ajax@redhat.com> 4.11.5-2 - Rebuild for new sonames in libxcb 1.10 * Fri Jan 3 2014 Rex Dieter <rdieter@fedoraproject.org> 4.11.5-1 - 4.11.5 * Tue Dec 31 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.4-2 - disable session management for screensavers (kde#314859,review#109609)) * Tue Dec 10 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.4-1 - 4.11.4 * Mon Nov 25 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.3-5 - followup screenlocker fixes/polish (#1029917, #1032612) * Sat Nov 23 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.3-4 - screenlocker improvements (#1029917, #1032612) * Sat Nov 16 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.3-3 - kdm-themes: fix kde-wallpapers dep (make unversioned) * Mon Nov 11 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.3-2 - include upstream commit for upower-1.0 support * Sat Nov 2 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.3-1 - 4.11.3 * Mon Oct 28 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.2-3 - startkde adding /bin to $PATH (#1023999) * Mon Sep 30 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.2-2 - kde-style-oxygen subpkg * Sat Sep 28 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.2-1 - 4.11.2 * Mon Sep 23 2013 Martin Briza <mbriza@redhat.com> - 4.11.1-3 - updated the KDM plymouth with work by guys from SUSE - respin of the KDM multiseat patch * Mon Sep 9 2013 Lukáš Tinkl <ltinkl@redhat.com> - 4.11.1-2 - #1005133: fix application specific icons (kdebz#324574) - fix shutdown vs logout messup (kdebz#307288) * Tue Sep 3 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.11.1-1 - 4.11.1 * Wed Aug 21 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.0-4 - use backlight actual_brightness interface * Tue Aug 20 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.0-3 - Remove kio_sysinfo dep from kde-workspace (#998016) * Mon Aug 19 2013 Rex Dieter <rdieter@fedoraproject.org> 4.11.0-2 - plasma startup delay 4-7 (kde#321695) * Thu Aug 8 2013 Than Ngo <than@redhat.com> - 4.11.0-1 - 4.11.0 * Wed Aug 7 2013 Martin Briza <mbriza@redhat.com> - 4.10.97-3 - Changed the KDM hardening to -fpic -pic * Mon Aug 5 2013 Martin Briza <mbriza@redhat.com> - 4.10.97-2 - Made kdm and kdm_greet hardened (#983619) * Thu Jul 25 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.10.97-1 - 4.10.97 * Tue Jul 23 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.10.95-1 - 4.10.95 * Thu Jul 11 2013 Martin Briza <mbriza@redhat.com> - 4.10.90-2 - fix some multiseat issues in kdm, (XDG_SEAT, plymouth cooperation) as per discussion in #975079, thanks go to Stefan Brüns and Laercio de Sousa * Thu Jun 27 2013 Rex Dieter <rdieter@fedoraproject.org> - 4.10.90-1 - 4.10.90 * Wed Jun 26 2013 Rex Dieter <rdieter@fedoraproject.org> 4.10.4-6 - kmix: media track change memory leaks with pulseaudio+oxygen widget style (kde#309464, #912457) * Fri Jun 14 2013 Lukáš Tinkl <ltinkl@redhat.com> - 4.10.4-5 - fix kickoff menu kbd navigation (kdebz#310166) * Fri Jun 14 2013 Daniel Vrátil <dvratil@redhat.com> - 4.10.4-4 - add upstream patch for #921742 * Thu Jun 13 2013 Martin Briza <mbriza@redhat.com> - 4.10.4-3 - Fix VT numbers on starting a new session (#857366) * Tue Jun 11 2013 Daniel Vrátil <dvratil@redhat.com> - 4.10.4-2 - backport upstream patch for #921781 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1163778 - CVE-2014-8651 kde-workspace: arbitrary code execution and local privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=1163778 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update kde-workspace' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|